Skip to main content
Back to Tags

Authentication

26 items tagged with "authentication"

Filter by type:

FAQs9

FAQ

How do I generate a DSN token?

Run vibgrate dsn create --workspace ws-abc123 to generate an HMAC-signed DSN token. Use --region eu for EU data residency. Use --write .vibgrate/.dsn ...

FAQ

What is the difference between OAuth 2.0 and OpenID Connect?

OAuth 2.0 is an authorization framework: it lets an application obtain delegated access to resources on a user's behalf without sharing the user's cre...

FAQ

What is a JWT?

A JSON Web Token (JWT) is a compact, URL-safe token format that carries claims as a base64url-encoded header, payload, and signature separated by dots...

FAQ

Sessions vs tokens: what is the difference for authentication?

Session-based authentication stores state on the server and gives the client an opaque session ID, usually in a cookie; the server looks up the sessio...

FAQ

What is mutual TLS (mTLS)?

Mutual TLS extends standard TLS so that both the client and the server present and verify certificates, rather than only the client verifying the serv...

FAQ

What is the difference between an access token and a refresh token?

An access token is a short-lived credential a client sends with each request to prove it is authorized to call an API, typically expiring in minutes. ...

FAQ

What is an API key and how is it different from a token?

An API key is a static secret string that identifies and authenticates a calling application or project, usually passed in a header and tied to a set ...

FAQ

What is multi-factor authentication (MFA)?

Multi-factor authentication requires a user to present two or more independent proofs of identity from different categories: something you know (a pas...

FAQ

What is the difference between OAuth 2.0 and OpenID Connect?

OAuth 2.0 is an authorization framework that lets an application obtain delegated, scoped access to a user's resources without sharing their password,...