0

I have to implement multiple type of authentication in my backend application.

  1. JWT authentication
  2. API key authentication

In case of JWT authentication:- After successfull authentication of user, claims like UserId, UserName... added to JWT token. Some protected API's get data from this token and added to the database.

Now the problem is that In case of API Key authentication:- I have no claims because API key auth is not like JWT authentication (JWT token).

I tried to generate an API key using some root user always but its not a standard practice or design principle.

I want to know how these types of authentication are managed? Is it possible to use JWT as well as API key authentication? If using API key and storing data related to API key in database and getting it from db or any in memory cache (makes it session based authentcation, and I think then no use of JWT here if I need to manage it).

Please suggest how to managed this.

asked Dec 10, 2024 at 10:34

0

Know someone who can answer? Share a link to this question via email, Twitter, or Facebook.

Your Answer

Draft saved
Draft discarded

Sign up or log in

Sign up using Google
Sign up using Email and Password

Post as a guest

Required, but never shown

Post as a guest

Required, but never shown

By clicking "Post Your Answer", you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.