at front end, for a asymmetric encryption you should encrypt with a public key using eg. rs256 (using a js library) that will be decrypt into back end with a proper private key.
Only thing that remains in my mind is **how to protect the public key** used at my front application. Do you know?
I think you need to return encrypted token from the backend, no?
You could use PGP
Обсуждают сегодня