CHAPTER 10
Web Tokens
A security token is a container of claims packaged for secure transportation over the network. As the carrier of claims, security tokens have an important role to play in the claims-based security model covered in Chapter 5. A token issuance authority issues a token to a client application after authenticating the user credentials. The client application then presents this token to the relying party (RP) application as a user credential. The RP application verifies the token and establishes the identity for the user based on the claims contained in the token.
A security token is often short-lived compared to other ownership ...
Get Pro ASP.NET Web API Security: Securing ASP.NET Web API now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
