Menu
I've been looking into the basics of .NET Core Authentication using Azure AD for an API that I'm building and I've been trying to find information about the authentication schemes. I get the difference between cookie and token based authentication but it seems to me that the JwtBearer and OpenIdConnect options are very similar in that they both work based on a token system.
I've done a lot of searching and I can't find anywhere that explains the differences between the two, in which scenarios you'd use one over the other or even the definitions of what these methods do. I've looked at a lot of tutorials online and even various YouTube videos and about 60% of them use AddJwtBearer and the others use AddOpenIdConnect to specify their authentication schemes. Could someone explain what these do and what the differences are?
424
You use AddJwtBearer to secure an API, meaning that the client of the API sends JWT-tokens to access the API and there is otherwise no human interaction.
AddOpenIdConnect you use to secure a web-application, where you have human interaction (login/logout...), because you typically redirect your user to your identity provider.
155
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
