When we are asked to identify ourselves in the real world, we show our ID cards. We trust it because it is issued by the government. Can we build a digital ID card based on the same principes, that we can use to authenticate users in our applications instead of relying on cookies and sessions?
Spoiler alert; we’ll talk about micro services, cryptography, JSON Web Tokens and OAuth2.