Discover and read the best of Twitter Threads about #auth
Most recents (4)
1/14 ๐ We've put together an in-depth series on APIs, covering everything from fundamentals to AI APIs. Join us on this journey! #APIs #WebDevelopment #Coding
2/14 ๐ Starting with API fundamentals, we dive into the basics that every developer should know. Get the solid foundation you need! vegibit.com/%f0%9f%93%9a-aโฆ #APIFundamentals #BackToBasics #LearnToCode
3/14 ๐ HTTP and RESTful APIs are key to modern web services. Learn how these technologies power the web. vegibit.com/%f0%9f%8c%90-hโฆ #RESTfulAPIs #HTTP #WebServices
๐ก๐๐ก๐๐ญ ๐๐ซ๐ ๐๐๐๐ฌ?๐ก
If you work with APIs, you've probably come across JWTs. JWT stands for ๐๐๐๐ ๐๐๐ ๐๐จ๐ค๐๐ง, and it's a JSON document that contains information about a user. We call the properties of a JWT claims.
๐งต๐งต๐งต๐งต
1/
#API #jwt #auth #WebSecurity
If you work with APIs, you've probably come across JWTs. JWT stands for ๐๐๐๐ ๐๐๐ ๐๐จ๐ค๐๐ง, and it's a JSON document that contains information about a user. We call the properties of a JWT claims.
๐งต๐งต๐งต๐งต
1/
#API #jwt #auth #WebSecurity
There're two types of JWTs:
๐ ๐๐ ๐ญ๐จ๐ค๐๐ง๐ฌ are tokens carrying user-identifying data like their name and email. You should ๐๐๐๐๐ use an ID token to validate access to an API.
๐ ๐๐๐๐๐ฌ๐ฌ ๐ญ๐จ๐ค๐๐ง๐ฌ are tokens with claims about the right to access an API.
2/
๐ ๐๐ ๐ญ๐จ๐ค๐๐ง๐ฌ are tokens carrying user-identifying data like their name and email. You should ๐๐๐๐๐ use an ID token to validate access to an API.
๐ ๐๐๐๐๐ฌ๐ฌ ๐ญ๐จ๐ค๐๐ง๐ฌ are tokens with claims about the right to access an API.
2/
We use access tokens to validate access to an API.
A JWT has three components: header, payload, and signature
๐
๐ธ ๐๐๐๐๐๐ซ: it identifies the document as a JWT and contains metadata, such as the algorithm and the key ID used to sign the token.
3/
A JWT has three components: header, payload, and signature
๐
๐ธ ๐๐๐๐๐๐ซ: it identifies the document as a JWT and contains metadata, such as the algorithm and the key ID used to sign the token.
3/
So #COVID19Vaccination has its own app - tech infra management - #CoWIN.#Thread to keep a watch on this. It is *as* important or even more important than @SetuAarogya app Page 45 of web.archive.org/web/2021010921โฆ CoVID-19 Vaccine Intelligence Network (Co-WIN): The Digital Platform
High level overview of CoWIN- VIN operations. 
cowin.gov.in/home - is the website and app.cowin.gov.in/home is the app backend for CoWIN beneficiary registration and AEFI management
#AadhaarVerdict
The only 5 things we needed:
1) #Aadhaar is legal
2) Don't save Aadhaar#Biometrics or Copy
3) ANY legal entity in India can do an AUTH
4) eKYC only for Govt/Regulated Entities
5) Auth/eKYC record saved by @UIDAI for 180 days
The only 5 things we needed:
1) #Aadhaar is legal
2) Don't save Aadhaar#Biometrics or Copy
3) ANY legal entity in India can do an AUTH
4) eKYC only for Govt/Regulated Entities
5) Auth/eKYC record saved by @UIDAI for 180 days
#Aadhaar is legal and not unconstitutional
What constitutes Aadhaar data has to be clear - to me its only Aadhaar Number
& biometrics. My name, Addr, DOB, Sex, Photo are NOT #Aadhaar data-
whether someone got/verified them from UIDAI or not its NOT Aadhaar Data,
its *MY* data!
What constitutes Aadhaar data has to be clear - to me its only Aadhaar Number
& biometrics. My name, Addr, DOB, Sex, Photo are NOT #Aadhaar data-
whether someone got/verified them from UIDAI or not its NOT Aadhaar Data,
its *MY* data!
NOBODY can save Aadhaar#Biometrics or Copy (of Aadhar).
Nobody saves biometrics - non-issue.
The whole reason for the concern of linking came from the common ID number
the 12-digit Aadhaar Number.
Saving a copy of the Aadhaar Letter/Card should also be disallowed.
Nobody saves biometrics - non-issue.
The whole reason for the concern of linking came from the common ID number
the 12-digit Aadhaar Number.
Saving a copy of the Aadhaar Letter/Card should also be disallowed.
