DEV Community 👩‍💻👨‍💻

Discussion on: Using JWTs for authentication—is it worth the effort?

bingalls profile image
Bruce Ingalls

Where do you find that "JWT was invented for OAuth2"? JWT (RFC7519) was created significantly later than OAuth2 (RFC6749). However, OAuth2.0 Tokens (RFC8693) accommodates JWT & other tokens.
JWT is part of the JOSE suite of JSON security. If JWT was created for anything, it would be OpenID Connect (akin to OpenID 2.0)

BTW this article skips the usefulness of JWT for native app development. as well as server-server communications (as you infer with micro-services)

pmorch profile image
Peter Valdemar Mørch

Wups, probably my bad. Thanks for the correction.