verify the payload is generated with the shared public key
and RSA fitting all of these.
As I've only made auth with JWT so far, I'm not sure. If I use RSA, I guess I have to put the encrypted text in the body.
Do you think it can be used? Any other suggestions?
solrize - 2.3yr
RSA is somewhat deprecated these days (use ECDSA instead) but you really have to know what you're doing either way. What is the application? What is the implementation language? Can you use NaCl/libsodium/whatever? Can you simply use TLS instead of application level encryption?
iso in webdev
Can RSA be used for web API authentication?
cross-posted from: https://lemy.lol/post/4569543
RSA is somewhat deprecated these days (use ECDSA instead) but you really have to know what you're doing either way. What is the application? What is the implementation language? Can you use NaCl/libsodium/whatever? Can you simply use TLS instead of application level encryption?
We discussed here more: https://lemmy.ml/post/3715583