Token-Based Security, OAuth 2.0, OIDC and IdentityServer4 — Part 2
In my previous post, we learned that OAuth is an authorization framework specially built for HTTP APIs. It allows a user to securely delegate scoped API Access to an application.
By scoped access means, that users define exactly what parts of an API, they want the application to be allowed to use. This…