Authenticating API Clients with JWT and NGINX Plus
Authenticating API Clients with JWT and NGINX Plus table, th, td { border: 1px solid black; } th { background-color: #d3d3d3; align: left; padding-left: 5px; padding-bottom: 2px; padding-top: 2px; line-height: 120%; } td { padding-left: 5px; padding-bottom: 5px; padding-top: 5px; line-height: 120%; } JSON Web Tokens (JWTs, pronounced “jots”) are a compact and highly portable means of exchanging identity information. The JWT specification has been an important underpinning of OpenID Connect, providing a single sign‑on token for the OAuth 2.0 ecosystem. JWTs can also be used as authentication credentials in their own right and are a better way to control access to web‑based APIs than traditional API keys. With the release of NGINX Plus R10, NGINX Plus can validate JWTs directly. In this blog post we describe how you can use NGINX Plus as an API gateway, providing a frontend to an API endpoint [ more… ]