471,595 Members | 1,614 Online
Bytes | Software Development & Data Engineering Community
Post +

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 471,595 software developers and data experts.

JWT with OAuth

7 Nibble
How to use JWT with OAuth?
Oct 12 '20 #1
2 2586
216 128KB
JWT (JASON Web Tokens) uses a digital signature, and I have found (the common use of) this to be insecure. Example: tokens can be intercepted.

OAuth (adding a defined protocol), if you use it with your own self-coded, custom, authentication scheme is much better, but in this case it's security depends upon your own addition to it.

How to use?
To maximize your security, you should code an addition to OAuth or you should one-time-pad encrypt your tokens. Example: Server-Side has a bank of OTPs (for that one single customer) and Client-Side has the same bank of OTPs. Supply the Client-Side directly (in-person) to your clients with your own coded custom installation software.
Use OAuth without a standard JWT (write your own) and use the OTP process as described above.
If you are looking into OAuth and (which can use) JWT then you might have need of, or interest in, security. The actual security is up to you and there is no commonly known encryption that even comes close to OTPs. Example: OTPs can not be mathematically or computationally broken down into a mathematical or computational process.
Oct 13 '20 #2
7 Nibble
This is really helpful thanks :)
Oct 16 '20 #3

Post your reply

Sign in to post your reply or Sign up for a free account.

Similar topics

1 post views Thread by HaLo2FrEeEk | last post: by
reply views Thread by saikrishna123 | last post: by
reply views Thread by XIAOLAOHU | last post: by
reply views Thread by leo001 | last post: by
reply views Thread by Anwar ali | last post: by

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.