All APIs should depend on JWTs
Accept no request without a JWT
Verify issuer, audience, validity, scopes and claims
Uniform security model internally
Easy re-use of validation logic
Identity data is kept and can be trusted at API level
Last updated
Accept no request without a JWT
Verify issuer, audience, validity, scopes and claims
Uniform security model internally
Easy re-use of validation logic
Identity data is kept and can be trusted at API level
Last updated