Understanding identity services
Identity services are used to authenticate and authorize users. It is important for these services to implement open standards so that you can integrate disparate systems. Common standards include OpenID Connect and OAuth 2.0.
Microsoft has no plans to officially support third-party authentication servers like IdentityServer4 because “creating and sustaining an authentication server is a full-time endeavor, and Microsoft already has a team and a product in that area, Azure Active Directory, which allows 500,000 objects for free.”
JWT bearer authorization
JSON Web Token (JWT) is a standard that defines a compact and secure method to transmit information as a JSON object. The JSON object is digitally signed so it can be trusted. The most common scenario for using JWT is authorization.
A user logs in to a trusted party using credentials like a username and password, a biometric scan, or two-factor authentication, and the trusted...
