Authorization/Authentication

1. What header(s) are used in authentication and authorization

• Basic Auth
• Bearer
• API Key
• Digest Auth
• OAuth2.0
• Hawk Authentication
• AWS Signature

1. What is safe to put into a JWT

• JWT can contain an unlimited amount of data

1. How are JWTs validated

• By checking it’s signature.The last segment of a JWT is the signature, which is used to verify that the token was signed by the sender and not altered in any way.

Document the following Vocabulary Terms

• RBAC: Role-based access control is a method of restricting network access based on the roles of individual users within an enterprise.

• User Roles: permission sets that control access to areas and features within the Professional Archive Platform

• JWT Token: a compact URL-safe means of representing claims to be transferred between two parties

<==Back