oauth2
-
Open Authorization(OAuth) 2.0Web/Security 2019. 8. 29. 15:05
1. Overview OAuth is an open standard protocol for authentication External service functions can be used in other applications OAuth2.0 is not compatible with 1.0, but the authentication process is simple 1.1 Difference between OAuth and Login Login is when a member of the A service uses the A service In the case of OAuth, the B service performs authentication and authentication through the meth..
-
JWT, JWS, JWE, JWA, and JWKWeb/Security 2019. 8. 27. 21:53
1. Overview JWT is used to transport user identity/entitlements between interested parties in a secure manner. JWS and JWE are instances of the JWT when used compact serialization JWS and JWE can be serialized using either the compact serialization or JSON serialization JWT doesn't' define a specific binding, but in practice, JWT tokens are transported over HTTPS under the Authorization Bearer h..