Using JWT policies
JWT (pronounced jot) is one of the methods of defining the identity information of a user/system (a client) in a JSON format. It is primarily used in authorization scenarios where its usage is employed to pass an authenticated client's meta-information (identity and claims) to the server in a secure and verifiable format. JWT removes the burden of storage of an authenticated client's information on the server in such a use case. Generally, without JWT, websites use cookies to pass an authenticated client's access information to the server and rely on the server to store cookies on the server side. The use of cookies is discouraged for the reasons of privacy and security.
In the authorization scenario, the client and server interaction works as follows:
- The client performs its initial authentication with the authentication system.
- The authentication system generates a JWT that contains various meta-information, such as the client&apos...
