Comments on: Token based vs. Certificates based authentication https://www.anujvarma.com/token-based-vs-certificates-based-authentication/ Production Grade Technical Solutions | Data Encryption and Public Cloud Expert Tue, 07 Mar 2023 19:24:06 +0000 hourly 1 https://wordpress.org/?v=6.9.4 By: ASHES MUKHERJEE https://www.anujvarma.com/token-based-vs-certificates-based-authentication/#comment-41889 Mon, 13 Jan 2020 23:39:12 +0000 http://www.anujvarma.com/?p=4569#comment-41889 Thanks for the synopsis. But JWTs can also be signed asymmetrically and the kid is included in the header. Then is the statement “Tokens are essentially a symmetric key. That means that the same key has to be both on the client and the server to be able to authenticate users. Certificates use an asymmetric set of keys. Certificates are based on public-key cryptography and the client has one key (the private key) that is never shared by anyone else.” still relevant?

I am evaluating a security solution for a financial client implementing check reorder capability and want to ensure we pick the right security model. Thanks

]]> By: Niprud TM https://www.anujvarma.com/token-based-vs-certificates-based-authentication/#comment-41453 Fri, 20 Sep 2019 09:58:36 +0000 http://www.anujvarma.com/?p=4569#comment-41453 can we use both token based and certificate based authentication in an application

]]>