Reputation: 655
Is generating your own JWT Bearer the same as OAuth/OpenID Connect?
Since I don't know, and can't find information about this:
When I have an ASP.NET Core WebAPI with a AuthenticationController.cs where I have a Login()-method that generates a JWT Bearer token with JwtSecurityToken class, is that considered an OAuth2.0 and/or OpenID Connect (or neither)? And is my approach safe (enough) to protect my API?
I'm trying to understand OAuth2.0 and OpenID Connect, and if I'm using it already or not.
And if I should switch my way of security to something like IdentityServer for the use of OAuth2.0 & OpenID Connect.
Upvotes: 0
Views: 266
Answers (1)
Reputation: 2600
JwtBearer token is just part of OAuth2.0 https://oauth.net/2/bearer-tokens/ but OAuth2.0 as topic itself is much bigger then just jwt token
And if I should switch my way of security to something like IdentityServer for the use of OAuth2.0 & OpenID Connect.
It depends on the requirement that if you want to maintain user information within your application or you want to delegate that task to another application like identityserver
Upvotes: 1
Related Questions
- What is the difference between AddJwtBearer and AddOpenIdConnect in .NET Core Authentication?
- JSON Web Token vs Bearer Token in Web Api
- What are the differences between JWT and OAuth authentication?
- ASP.NET Identity Bearer Token vs JWT Pros and Cons
- Differences between AspNetUserToken and custom made JWT token in .NET Core 3.0
- Jwt token vs access token
- Issuing JWT token myself versus using IdentityServer4(OIDC) for Web API
- asp.net webapi UseOAuthBearerAuthentication vs UseJwtBearerAuthentication
- JWT bearer tokens w/ ASP.NET Identity 3
- How is JWT related to OAuth?