I am building an ASP.NET Core web app and Angular and I want to secure it using token-based authentication. I am relatively new to the authentication mechanism, so have few clarifications.
I have decided to go about using jwt token based authentication using this tutorial link https://medium.com/c-sharp-progarmming/asp-net-core-5-jwt-authentication-tutorial-with-example-api-aa59e80d02da
I also came across another tutorial which explains token based using authentication using owin https://www.c-sharpcorner.com/UploadFile/ff2f08/token-based-authentication-using-Asp-Net-web-api-owin-and-i/
Now my question is which protocol does the link1 implement? Is it OWIN? Do we need a separate server for maintaining something called OAuth Authorization framework as explained in link2.
What's the difference between OWIN, OAuth and Identity and are all these concepts internally used if I follow link1 and secure the application using jwt token based authentication?
OWIN Is a Middleware and OAuth is the protocol. if you are using .NET core or .NET 5, try to use .NET core middleware for authentication/authorization. Follow First Link (Medium)
If you need a fully fledge Identity Server then you have to create a separate Identity server if you want only token things you can just implement them on your project, but recommended approach is to create a server for identity management.