Verifying JWT token after auth


#1

I’m using Ionic Instagram provider in Ionic Cloud for user management.

I also have a WebAPI backend that provides data to my app.

Now, I want to secure my backend data API so only authenticated users will be able to consume it.

From what I understand, the flow should be as follows:

  1. Ionic app authenticate against ionic cloud
  2. Successful login generates JWT token.
  3. App sends token in Autherization header of HTTP requests to server.
  4. Server validates token against ionic cloud.
  5. communication is now secured!

I might be completely off because to be frank, I am super confused about this, but if this is the correct flow - How do my server validates the token against the ionic cloud?

If this is not the right flow, Please guide me to the right direction.

Thanks
Omri