JWTs作为OAuth2.0关于Access_Token的具体解决方案, 为RFC 7519提出,但是后面又有个RFC 6750定义了Bearer Token,就是设置请求头:
Authorization: Bearer <token>请问两者是什么关系呢?我使用JWTs发送token到服务端,也可以像上面那样加到请求头?
大家讲道理2017-04-17 15:57:42
OAuth uses JWTs as the client's authentication method. The IEFT document clearly states Using JWTs for Client Authentication
JWTs transfer Token using the new definition
Authorization: Bearer <token>That’s the relationship. If your client needs to call server resources, it should store the obtained token in the above request header. Your understanding is correct.