469,301 Members | 2,278 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 469,301 developers. It's quick & easy.

JWT with OAuth

7 Nibble
How to use JWT with OAuth?
Oct 12 '20 #1
2 2359
SwissProgrammer
213 128KB
JWT (JASON Web Tokens) uses a digital signature, and I have found (the common use of) this to be insecure. Example: tokens can be intercepted.

OAuth (adding a defined protocol), if you use it with your own self-coded, custom, authentication scheme is much better, but in this case it's security depends upon your own addition to it.

How to use?
To maximize your security, you should code an addition to OAuth or you should one-time-pad encrypt your tokens. Example: Server-Side has a bank of OTPs (for that one single customer) and Client-Side has the same bank of OTPs. Supply the Client-Side directly (in-person) to your clients with your own coded custom installation software.
or
Use OAuth without a standard JWT (write your own) and use the OTP process as described above.
If you are looking into OAuth and (which can use) JWT then you might have need of, or interest in, security. The actual security is up to you and there is no commonly known encryption that even comes close to OTPs. Example: OTPs can not be mathematically or computationally broken down into a mathematical or computational process.
Oct 13 '20 #2
LauraNutt
7 Nibble
This is really helpful thanks :)
Oct 16 '20 #3

Post your reply

Sign in to post your reply or Sign up for a free account.

Similar topics

HaLo2FrEeEk
1 post views Thread by HaLo2FrEeEk | last post: by
reply views Thread by saikrishna123 | last post: by
reply views Thread by suresh191 | last post: by
reply views Thread by harlem98 | last post: by
reply views Thread by harlem98 | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.