Discover and read the best of Twitter Threads about #Auth

Most recents (4)

1/14 ๐Ÿš€ We've put together an in-depth series on APIs, covering everything from fundamentals to AI APIs. Join us on this journey! #APIs #WebDevelopment #Coding
2/14 ๐Ÿ“š Starting with API fundamentals, we dive into the basics that every developer should know. Get the solid foundation you need! vegibit.com/%f0%9f%93%9a-aโ€ฆ #APIFundamentals #BackToBasics #LearnToCode
3/14 ๐ŸŒ HTTP and RESTful APIs are key to modern web services. Learn how these technologies power the web. vegibit.com/%f0%9f%8c%90-hโ€ฆ #RESTfulAPIs #HTTP #WebServices
Read 16 tweets
๐Ÿ’ก๐–๐ก๐š๐ญ ๐š๐ซ๐ž ๐‰๐–๐“๐ฌ?๐Ÿ’ก

If you work with APIs, you've probably come across JWTs. JWT stands for ๐‰๐’๐Ž๐ ๐–๐ž๐› ๐“๐จ๐ค๐ž๐ง, and it's a JSON document that contains information about a user. We call the properties of a JWT claims.

๐Ÿงต๐Ÿงต๐Ÿงต๐Ÿงต
1/

#API #jwt #auth #WebSecurity
There're two types of JWTs:

๐Ÿ‘‰ ๐ˆ๐ƒ ๐ญ๐จ๐ค๐ž๐ง๐ฌ are tokens carrying user-identifying data like their name and email. You should ๐๐„๐•๐„๐‘ use an ID token to validate access to an API.

๐Ÿ‘‰ ๐€๐œ๐œ๐ž๐ฌ๐ฌ ๐ญ๐จ๐ค๐ž๐ง๐ฌ are tokens with claims about the right to access an API.

2/
We use access tokens to validate access to an API.

A JWT has three components: header, payload, and signature

๐Ÿ‘‡

๐Ÿ”ธ ๐‡๐ž๐š๐๐ž๐ซ: it identifies the document as a JWT and contains metadata, such as the algorithm and the key ID used to sign the token.

3/
Read 7 tweets
So #COVID19Vaccination has its own app - tech infra management - #CoWIN.#Thread to keep a watch on this. It is *as* important or even more important than @SetuAarogya app Page 45 of web.archive.org/web/2021010921โ€ฆ CoVID-19 Vaccine Intelligence Network (Co-WIN): The Digital Platform
High level overview of CoWIN- VIN operations.
cowin.gov.in/home - is the website and app.cowin.gov.in/home is the app backend for CoWIN beneficiary registration and AEFI management
Read 18 tweets
#AadhaarVerdict
The only 5 things we needed:
1) #Aadhaar is legal
2) Don't save Aadhaar#Biometrics or Copy
3) ANY legal entity in India can do an AUTH
4) eKYC only for Govt/Regulated Entities
5) Auth/eKYC record saved by @UIDAI for 180 days
#Aadhaar is legal and not unconstitutional
What constitutes Aadhaar data has to be clear - to me its only Aadhaar Number
& biometrics. My name, Addr, DOB, Sex, Photo are NOT #Aadhaar data-
whether someone got/verified them from UIDAI or not its NOT Aadhaar Data,
its *MY* data!
NOBODY can save Aadhaar#Biometrics or Copy (of Aadhar).
Nobody saves biometrics - non-issue.
The whole reason for the concern of linking came from the common ID number
the 12-digit Aadhaar Number.
Saving a copy of the Aadhaar Letter/Card should also be disallowed.
Read 7 tweets

Related hashtags

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!