The application makes a request to the authorization server using the public key and private key , receives a token when passing authorization. So, when we get this token, we get it on any callback , and how should we save it correctly in our application? Write in the application database in the form: the user is a token and with each request, take a token entry from the database and send it in the header? Now at least I plan to do so, or maybe there are some more correct options, or did I misunderstand the essence of authorization in restApi ?
- Got a token and keep it in memory. if you need it in case the server restarts (it happens in cloud systems), then write this token somewhere. to file or database, etc. - Stack
|