Authentication vs Authorization
- Authentication: identifying the user who is accessing the resource
- Authorization: checking if the user has permission to perform an action on the resource (e.g updating the resource)
JWT for Authentication
JWT or JSON Web Token is a preferrable method for authenticating REST APIs because: