After creating 10+ applciations in asp net core with JWT, now I understand how the jwt actually works 🙃
@RawCoding21 күн бұрын
Nice!
@cocoscacao61022 жыл бұрын
As always, great vid. I'd love to hear about C# streams (in depth). Have you ever planned to cover that topic?
@RawCoding2 жыл бұрын
Not yet, I’ll keep it in mind.
@narminalieva46942 жыл бұрын
You are so great. Also you are reading my mind, whenever i need some topic next day it’s on your channel 💥
@ricardothomas37792 жыл бұрын
Great video Anton!
@AliMustafa-xp8ih2 ай бұрын
Great video. Thank you.
@smokeraven Жыл бұрын
It would be handy to have a slide or a quick minute that explains the dotnet new commands (or whatever) to setup the base projects shown. Love the vids and very helpful.
@RawCoding Жыл бұрын
thank you, if you're trying to learn jwt's I expect you are fully capable of figuring out how the dotnet command line tool works
@smokeraven Жыл бұрын
@@RawCoding in my case it's exactly that I haven't been using the code IDE but it turns out to be pretty simple 🤓
@josepvg2 жыл бұрын
Amazing video, thanks :)
@RawCoding2 жыл бұрын
Thank you for watching
@omidkianifar51442 ай бұрын
Why using jwk instead of public key for validating jwt?
@icemanja10 ай бұрын
Great content Anton, Could this private/public key setup be used in a microservice architecture where the identity app generates the token with the private key and other services use the public key the authenticate the jwt token?
@anurag3487Ай бұрын
use API gateway to handle all auth related stuffs in a microservices scenario
@kleberperez2580 Жыл бұрын
Anton, Thanks for the video, How did you get the jwtString value?
@RawCoding Жыл бұрын
at what time?
@sadafziya563610 ай бұрын
thanks for your video. if i want to implement microservice and have authentication too, can I use this method ? Assume I have two project one is Security other one is Parts ... before user can to use parts webservice , have to be authenticate.
@sorinvasiliu2 жыл бұрын
baller! ty for this
@RawCoding2 жыл бұрын
thank you for watching
@piotrc9662 жыл бұрын
Very good content.
@RawCoding2 жыл бұрын
Thank you
@dannyjiang98 Жыл бұрын
很好的视频
@RawCoding Жыл бұрын
🙏
@mohamedesmaeil2236 Жыл бұрын
excuse me , can I use JWT without identity because it doesn't cover my needs in authorization
@RawCoding Жыл бұрын
Of course
@mohamedesmaeil2236 Жыл бұрын
@Raw Coding I will be appreciate if you send link about implement that
@RawCoding Жыл бұрын
Watch the identity management video in the playlist.
@mohsenrafiei3432 Жыл бұрын
Do you have any program to teach Duende Identity Server in next videos?
@RawCoding Жыл бұрын
We will be covering openiddict
@joshem322 жыл бұрын
Which one do you recommend jwt or cookie authentication with spa?
@RawCoding2 жыл бұрын
Cookie 🍪
@MinhNguyen-zx8me2 жыл бұрын
@Raw Coding: may I know the reason why ? I heard so many people saying that cookie is not mobile friendly, and they suggest to use jwt token instead.
@RawCoding2 жыл бұрын
@@MinhNguyen-zx8me cookies are automatically handled by browsers, not httpclients - your mobile app will programmed with an httpclient. For mobile it doesn't matter you'll have to do manual work for both cookies and tokens. For browsers cookies are handled securely automatically. So Cookies.
@kaznnknzn8752 жыл бұрын
Great as always! But what about two factor authentification ? Maybe innthe future we will see vide about it?:) As example how setup Identity server with 2fa
@RawCoding2 жыл бұрын
Maybe 2fa, but it has nothing to do with identity server, so you won’t see the 2 together
@MrJonnis13 Жыл бұрын
Thank you for your great and in-depth video. A question on how the External validation of the Token using the public key 29:04: We sending to External the Token which consists of Plain Data (Header + Payload) plus the signature (encrypted Plain Data) generated on Auth Server side. On External side then, we load the Token, and *signature + Public key = hash1* . Then we get the *Plain Data + WHAT = hash2* . If *hash1 == hash2* , validation passes and we are Authenticated. So my question is: what is this *WHAT* on the above formula ? Is this the public key *OR* some hashing algorithm that was used also in Auth Server side before it encrypted it ?
@RawCoding Жыл бұрын
I didn't explain this point very well. Server digest/hash = sha256(data). signature = encrypt(hash, privateKey) token = data + signature External digest1/hash1 = sha256(data) digest2/hash2 = decrypt(signature, publicKey) valid = hash1 == hash2 Encryption - private decrypts, public encrypts Signing - private encrypts, public decrypts How this interchanges I have no clue.
@MrJonnis13 Жыл бұрын
@@RawCoding Thank you for the reply and the clarification. So this "What" is actually the *sha256* algorithm.
@mahmudx2 жыл бұрын
Please create videos on (Identity, JWT) with multi-tenancy.
@RawCoding2 жыл бұрын
We'll see )
@abdulnaveed4984 Жыл бұрын
how to use jwt with external authentication e.g: aws forgate
@RawCoding Жыл бұрын
Watch the OAuth videos
@weamhaleemi4984 Жыл бұрын
Gg first half was understandable then you dived into the complex code and started doing random stuff and Im lost