Security Tokens
* default authentication
* bearer authentication
Security Token
[Expiration Time]
[Signature]
JSON Web Token (JWT) | SAML 1.1/2.0 | Simple Web Token (SWT)
HMACSHA256-384
ECDSA
RSA
signature
encryption (RSA, AES/GCM) symmetric only
OpenID Connect
mandates JWT
OAuth 2.0
does not mandate JWT
Header
Claims
NuGet
http://nuget.org/packages/Microsoft.IdentityModel.Tokens.JWT/
new JWTSecurityToken()
OAuth 1.0 (2010)
Authorization Problem
OAuth 2.0
* limiting access
Bearer Tokens
Introduction to OAuth2, OpenID Connect and JSON Web Tokens (JWT)
Client => WebApplication
Resource Owner