Reading-Notes

code fellows 401

Read: 08 - Access Control (ACL)

When is Basic Authorization used vs. Bearer Authorization?

Bearer Authorization is a more advanced authorization requests.

What does the JSON Web Token package do?

The JSON Web Token package lets you use token authentication.

What considerations should we make when creating and storing a SECRET?

Secrets should be kept a secret.

Vocab:

Encryption: The encryption process translates information using an algorithm that makes the original information unreadable.

Token: Defines a way to securely transmit info between two applications/parties and is trusted because it is digitally signed.

Bearer: A person or thing that carries or holds something.

Secret: A hidden value used to sign tokens.

JSON Web Token: JSON Web Token (JWT) is a compact URL-safe means of representing claims to be transferred between two parties.