reading-notes

Reading Notes for Codefellows!

---

Project maintained by AlanYHung Hosted on GitHub Pages — Theme by mattgraham

Code 401 ASP.NET

Reading 19

(All My Notes are attributed/sourced from the Resources directly preceding them.)

Summary

• When an identity is created, it can be assigned one or more claims
  • The claims are key value pairs that determine what a user can or cannot do
• Authentication and Authorization is determined when a user is created
  • Authentication determines who the user is
  • Authorization determins what the user can do
    • Authorization can be changed over time after the registration of a user
• There are 3 parts to a JWT Token
  • First part is the Header - This determines what Signature will be used
  • Second part is the Payload - This contains the claims
  • Third part is the Signature - This is the encryption
• When using JWT Tokens, there needs to be communication between Producers and Consumers
  • Producers are the service providers while consumers are the users of the service
  • First they need to Share the Secret
  • Second they need to Prepare the Payload
  • Third they need to Get the Token
  • Fourth they need to Identify the Consumer

Resources

• Claims-based authorization in ASP.NET Core

  • Author: Microsoft Docs

  • Article Source

Resources

• Introduction to Authentication with ASP.NET Core

  • Author: Andrew Lock

  • Article Source

Resources

• Part 2: JWT to authenticate Servers API’s

  • Author: Rachit Gulati

  • Article Source

<– Back