my blog. for you.

Let’s talk digital.

I’m an independent IT consultant and entrepreneur in the Internet and software business. I’m interested in design, enterprise applications, web apps and SaaS products. I design and develop business solutions and applications. I help companies in terms of software quality and knowledge transfer, e.g. with Angular and Spring Boot.

JSON Web Tokens: Downsides, Best Practices and Secure and Robust Alternatives

JSON Web Tokens (JWTs) nowadays are commonly used for transmitting authentication data in web applications, especially those exhibiting the widespread client-server architecture where you have a fat client / single-page application written in JavaScript as a front-end and a back-end server providing REST endpoints for use by that front-end client. However, while common there are good arguments against this practice. In a nutshell, JWT often are used for storing session data such user authorization and authentication information although they aren't particularly well-suited to ... Read more

OAuth 2.0 Authentication with Jira – A Spring Boot Example Application

When dealing with the specifics of authentication techniques and protocols such as OAuth the devil often is in the detail. While the OAuth 2.0 protocol generally is easy to grasp and simple to use implementation details for specific authentication providers can easily have you hit a snag fairly quickly. Documentation and examples sometimes are outdated or scattered across several - sometimes contradictory documents. Additionally, examples for the authentication provider you want to use might not have been written with your framework of ... Read more