Timeline for REST API security Stored token vs JWT vs OAuth
Current License: CC BY-SA 3.0
10 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Dec 24, 2017 at 22:42 | comment | added | Onur Yıldırım | This answer confuses apples & oranges. You should not compare these with OAuth 2.0 (the "authorization" spec). What OP needs to know about is: "Resource Owner Password Flow" — which is authentication as a grant. | |
| Jan 31, 2017 at 10:25 | comment | added | Silver | You say: "The data stored in the JWT is readable by the client. This may be an issue.. Why not use JWE if that is an issue? | |
| Jan 15, 2017 at 11:31 | comment | added | amd | I don't know why this is the accepted answer? it doesn't answer the real question, just reforming the question in other way | |
| Oct 11, 2016 at 5:06 | comment | added | Aftab Naveed | To add to your answer, oAuth may not be useful when user wants to signup using their company accounts which are not usually associated or linked with any of the social networking websites or google. | |
| S Jul 21, 2016 at 13:27 | history | suggested | Duncan Lock | CC BY-SA 3.0 |
Headings & formatting
|
| Jul 21, 2016 at 6:10 | review | Suggested edits | |||
| S Jul 21, 2016 at 13:27 | |||||
| Jan 29, 2016 at 3:04 | history | edited | Chad Clark | CC BY-SA 3.0 |
Spelling
|
| Jan 28, 2016 at 9:00 | vote | accept | CROSP | ||
| Jan 26, 2016 at 20:11 | review | First posts | |||
| Feb 25, 2016 at 20:09 | |||||
| Jan 26, 2016 at 20:07 | history | answered | Chad Clark | CC BY-SA 3.0 |