I’m using Ionic Instagram provider in Ionic Cloud for user management.
I also have a WebAPI backend that provides data to my app.
Now, I want to secure my backend data API so only authenticated users will be able to consume it.
From what I understand, the flow should be as follows:
- Ionic app authenticate against ionic cloud
- Successful login generates JWT token.
- App sends token in Autherization header of HTTP requests to server.
- Server validates token against ionic cloud.
- communication is now secured!
I might be completely off because to be frank, I am super confused about this, but if this is the correct flow - How do my server validates the token against the ionic cloud?
If this is not the right flow, Please guide me to the right direction.