stackoom
  简体   繁体   中英

Are OWIN Cookie & Bearer Tokens the same?

 原文  2014-12-05 14:52:13       c#/ asp.net-mvc-4/ asp.net-web-api/ owin/ katana

Question

When I call the OWIN /token endpoint I get the bearer token in the response and a set-cookie header that has a token. Are these tokens the same? If not how do I make them the same?

1 answers

solution1
 2 ACCPTED  2014-12-05 20:19:53

No they are not the same, the token you receive is the access token needed to access your protected API (APIs attribute with [Authorize] ) and contains all the claims you want to encode inside it.

I've not seen token inside cookie returned when you call /token end point. Anyhow you usually depend on tokens or cookies for security not both.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question OWIN Security - How to return a refresh token in a cookie while maintaining authentication bearer tokens User login not being authenticated using OWIN bearer tokens Modifying OWIN OAuth middleware to use JWT bearer tokens Return custom type with Bearer Tokens using Owin in WebApi2 Return more info to the client using OAuth Bearer Tokens Generation and Owin in WebApi OWIN Bearer Token Authentication Using both OWIN Cookie Authentication and Windows Authentication in the same MVC application Owin Bearer Token Not Working for WebApi Bearer and Cookie Authentication OWIN Cookie Authentication
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM