In token-based authentication, a token is exchanged on all of a user's requests, and it must be present for any user request to proceed into your application. For example:
- User K connects to your application
- The response from the application has a built-in token that is generated automatically and passed using web headers in the response
- Because the application is running in such a web server, it knows to place that token in any further requests or responses made
- When the next access to the application is made, the server will check whether the token is present and valid before allowing the request to be processed by the application
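
The flow in the list above, as an added example that is not part of the original page: a server-side gate that issues a random token in a response header and refuses any later request whose token is missing, unknown or expired. The header name `X-Auth-Token`, the 15-minute lifetime, the in-memory store keyed by the token's SHA-256 digest and the `TokenGate` class are all assumptions made for illustration.

```python
import hashlib
import secrets
import time

TOKEN_HEADER = "X-Auth-Token"  # hypothetical header name, not from the page
TOKEN_TTL = 900                # assumed token lifetime in seconds


class TokenGate:
    """Issues tokens and checks them before the application sees a request."""

    def __init__(self, ttl=TOKEN_TTL, clock=time.time):
        self._ttl = ttl
        self._clock = clock
        self._store = {}  # sha256(token) -> (user, expires_at); raw tokens are never stored

    @staticmethod
    def _digest(token):
        return hashlib.sha256(token.encode()).hexdigest()

    def first_response(self, user):
        """User connects: generate a token and pass it back in a response header."""
        token = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
        self._store[self._digest(token)] = (user, self._clock() + self._ttl)
        return {"status": 200, "headers": {TOKEN_HEADER: token}}

    def handle(self, request_headers, app):
        """Next access: the token must be present and valid, or app() never runs."""
        token = request_headers.get(TOKEN_HEADER)
        if not token:
            return {"status": 401, "reason": "token missing"}
        key = self._digest(token)
        entry = self._store.get(key)
        if entry is None:
            return {"status": 401, "reason": "token unknown"}
        user, expires_at = entry
        if self._clock() >= expires_at:
            del self._store[key]  # expired tokens are purged on first use
            return {"status": 401, "reason": "token expired"}
        return {"status": 200, "body": app(user)}


if __name__ == "__main__":
    gate = TokenGate()
    token = gate.first_response("K")["headers"][TOKEN_HEADER]
    print(gate.handle({TOKEN_HEADER: token}, lambda user: f"hello {user}"))
    print(gate.handle({}, lambda user: f"hello {user}"))
```
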
Technically, the token can be presented in two different ...