Developer Diary #2 - Tokens and Claims
Development is iterative, we take that for granted. But iterations can be painful, excrutiating chop jobs where you rip the very heart and soul out of your product, only to replace it with something bigger, better, and stronger. Ally's authentication platorm went through a process like this, and while it was painful and took way longer than it should have or anyone would have liked it to, ultimately it was the best thing for the company.
Let me start by saying, there are hundreds of ways to handle authentication in web services. There are RESTful ways, implicit ways, explicit ways, certificates,...