Thank you! I'll ask some more questions tommorow after I sleep on it if you don't mind.
> API Gateway intercepts the request from the web app, extracts out the access_token, talks to the Token Exchange endpoint (or the STS), which will validate the access_token and then issues a JWT (signed by it) to the…
Thank you! I'll ask some more questions tommorow after I sleep on it if you don't mind.
> API Gateway intercepts the request from the web app, extracts out the access_token, talks to the Token Exchange endpoint (or the STS), which will validate the access_token and then issues a JWT (signed by it) to the…