Server
App
post /login
{ id: 45 }
+ signature
{ login: ..., pwd: ... }
Secret
header +
Token
Token
post /messages
Decode & Check validity
200 + token
200 + payload
https://jwt.io
Auth0
Backend
Shared secret
App
Auth0
Database
Shared secret
login
jwt
Auth0 screens
Backend
jwt
Auth0
Shared secret
App
Local Database
Shared secret
login
jwt
Auth0 screens
Backend
jwt
https://auth0.com/docs/libraries/lock/v10/sending-authentication-parameters#scope-string-
https://auth0.com/docs/api/authentication#!#post--tokeninfo