24Haz
JWT vs. Client Certificates
We have a transaction server that is connected to by different client applications. The requirement is to have a secure means of authentication for client applications to communicate with the transaction server. The two solutions being looked at are JWT and client certificates.
In your opinion what are the advantages and disadvantages of either option from a security and efficiency standpoint. I realize that this question is a bit generic and that's specifically because we want to get some more generalized ideas before moving into a specific solution considering these components are still under development.
Any advice from those who have used either technology would be appreciated!
