This authentication scheme carries a signed JWT, plus the key that signed that JWT. This authentication scheme is for origin-server authentication only. Therefore, this authentication scheme MUST NOT be used with the Proxy-Authenticate or Proxy-Authorization header fields. (Internet Draft ietf-webpush-vapid: Voluntary Application Server Identification (VAPID) for Web Push)



JSON

Return to list of all ( HTTP Authentication Schemes | Web Concepts )