Monday, April 7, 2025

Authentication in .NET

 

TypeCommon Use CaseToken Type / Auth Flow
JWT Bearer TokenAPIs, SPAs, Mobile AppsToken-based (Stateless)
Cookie AuthenticationWeb Apps (MVC / Razor Pages)Cookie-based (Stateful)
OAuth2 / OpenID ConnectSocial Login, Enterprise SSOExternal Identity Providers
API Key AuthSimple Public APIsKey in Header/Query
Windows AuthenticationIntranet apps, Enterprise networks (AD/LDAP)Windows/Kerberos
Certificate AuthenticationHigh-security APIs (B2B)X.509 client certs
Custom Token / HMACLegacy systems, Highly controlled environmentsCustom logic




What does JWT Has 

JWT - JSON Web Token has 3 parts
Header  - metdata information
Payload  - User centric inform
Signature - 

No comments: