Most APIs today use an API Key to authenticate legitimate clients. API Keys are very simple to use from the consumer perspective:
You get an API key from the service (in essence a shared secret).
Add the key to an Authorization header.
Call the API.
However, life isn’t as easy from the API producer part. In this talk, I’ll show how using JWTs as API Keys has greatly improved our architecture by giving us granular security, an homogenous auth architecture, decentralized issuance, debuggability and much more! Learn how to use it in your .Net Core APIs