jwt & oauth2.0

JWT (JSON Web Token) is a token format used for stateless, token-based authentication, and it is commonly paired with protocols such as OAuth 2.0 for authorization. OAuth 2.0 handles the authorization flow that grants access; the token it issues to the client for subsequent requests (usually a bearer token) can be a JWT. JWT and OAuth 2.0 are therefore not mutually exclusive; they often work together to provide both authorization and a secure way to make authenticated API calls.

How they work together
  • Authorization with OAuth 2.0: First, a user interacts with an application to grant it permission to act on their behalf at a third-party service. OAuth 2.0 manages this authorization flow, so the user does not have to share their credentials directly with the third party.
  • Token Issuance as JWT: The authorization server then issues an access token to the client application. This access token is often a JWT.
  • Authentication with JWT: The client application includes the JWT in the Authorization header of its subsequent requests to the resource server (the API).
  • Verification: The resource server verifies the JWT's signature and reads the user information from the token's payload to authenticate the request, without needing to look up session data on the server.
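The four steps above, carried through in code as an added example (this is not code from the original page; it uses only the Python standard library). It assumes an HS256 token signed with a symmetric secret shared between the authorization server and the resource server, and the issuer and audience URLs are hypothetical placeholders. The resource-server side shows what "verify the signature" has to mean in practice: the algorithm is pinned rather than read from the token, the signature is compared in constant time, and the issuer, audience and expiry claims are checked before the payload is trusted.

```python
import base64
import hashlib
import hmac
import json
import time

# Constructed demo secret shared by the authorization server and the resource
# server. Assumption: HS256 with a symmetric key; production systems commonly
# use an asymmetric algorithm (RS256/ES256) so the API only needs a public key.
SHARED_SECRET = b"constructed-demo-secret-not-for-production"
ISSUER = "https://auth.example.test"    # hypothetical authorization server
AUDIENCE = "https://api.example.test"   # hypothetical resource server (API)


def _b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def _b64url_decode(text: str) -> bytes:
    # JWT strips base64url padding; restore it before decoding.
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def _sign(signing_input: str) -> bytes:
    return hmac.new(SHARED_SECRET, signing_input.encode("ascii"), hashlib.sha256).digest()


def issue_token(subject: str, scope: str, ttl_seconds: int = 300, now=None) -> str:
    """Authorization server: mint a self-contained, signed JWT access token."""
    now = int(time.time()) if now is None else now
    header = {"alg": "HS256", "typ": "JWT"}
    payload = {"iss": ISSUER, "aud": AUDIENCE, "sub": subject, "scope": scope,
               "iat": now, "exp": now + ttl_seconds}
    signing_input = (_b64url_encode(json.dumps(header, separators=(",", ":")).encode())
                     + "." + _b64url_encode(json.dumps(payload, separators=(",", ":")).encode()))
    return signing_input + "." + _b64url_encode(_sign(signing_input))


def bearer_header(token: str) -> dict:
    """Client: the access token travels as a bearer token in the Authorization header."""
    return {"Authorization": "Bearer " + token}


def verify_request(headers: dict, now=None):
    """Resource server: authenticate a request from the token alone (no session store).

    Returns (True, claims) on success or (False, reason) on rejection.
    """
    now = int(time.time()) if now is None else now
    auth = headers.get("Authorization", "")
    if not auth.startswith("Bearer "):
        return False, "missing bearer token"
    parts = auth[len("Bearer "):].split(".")
    if len(parts) != 3:
        return False, "malformed token"
    header_b64, payload_b64, sig_b64 = parts
    try:
        header = json.loads(_b64url_decode(header_b64))
        payload = json.loads(_b64url_decode(payload_b64))
        sig = _b64url_decode(sig_b64)
    except (ValueError, UnicodeDecodeError):
        return False, "undecodable token"
    # Pin the algorithm: the verifier decides how to check, never the token's header.
    if header.get("alg") != "HS256":
        return False, "unexpected alg"
    # Constant-time comparison against a freshly computed MAC over header.payload.
    if not hmac.compare_digest(sig, _sign(header_b64 + "." + payload_b64)):
        return False, "bad signature"
    # The signature proves integrity; these claims prove the token is ours and current.
    if payload.get("iss") != ISSUER:
        return False, "wrong issuer"
    if payload.get("aud") != AUDIENCE:
        return False, "wrong audience"
    exp = payload.get("exp")
    if not isinstance(exp, int) or now >= exp:
        return False, "expired"
    return True, payload


def with_modified_scope(token: str, new_scope: str) -> str:
    """Constructed integrity check: change a claim but keep the original signature."""
    header_b64, payload_b64, sig_b64 = token.split(".")
    payload = json.loads(_b64url_decode(payload_b64))
    payload["scope"] = new_scope
    return header_b64 + "." + _b64url_encode(json.dumps(payload).encode()) + "." + sig_b64


if __name__ == "__main__":
    issued_at = 1_700_000_000
    tok = issue_token("user-42", "read:items", now=issued_at)
    print("valid   :", verify_request(bearer_header(tok), now=issued_at + 100))
    print("expired :", verify_request(bearer_header(tok), now=issued_at + 400))
    print("modified:", verify_request(bearer_header(with_modified_scope(tok, "admin")), now=issued_at + 100))
```

The `now` parameter exists only so the example runs deterministically; a server would use the clock, and would normally also allow a small skew window around `exp` and `iat`.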

Key differences
  • Function: OAuth 2.0 is an authorization framework for granting access to resources. JWT is a token format used for securely transmitting information, often used for authentication.
  • Structure: OAuth 2.0 involves a multi-step protocol, while JWT is a self-contained token that contains the necessary information within itself.
  • Security: Both are used to secure applications, but they achieve it differently. OAuth 2.0 provides secure access delegation, while JWT ensures the integrity of the information it carries through its digital signature. 

Summary
In short, you use the OAuth 2.0 protocol to obtain an access token, and that access token can be a JWT, which you present to a server to prove you are authorized to access a resource. This combination is common for securing modern applications.