Contents tagged with SWT

  • Security Tokens

    Hello everybody,

    today I want to write a few words about security tokens in OAuth2. 

    So, first of all I'd like to point that security tokens wasn't needed for corporate world. When I say corporate world, I mean networks like B2B, or B2E or something, that has strong system administration army.

    But if you need to provide B2C or something like this than you'll need tokens.

    As usually tokens has following features:

    Security tokens are protected data structures

    Also not prescribed in OAuth2 but quite often security tokens implemented as JSON web tokens

    has information about producer and topic ( claims )

    signed ( has some kind of identity proof )

    as usually contain expiry date time … more