Why would one use JWTs over .NET's own stateless session cookies/encrypted cookies?
Title is sort of self explanatory. I am just wondering about the pros and cons of using JWTs vs the cookie setup .NET already provides for a backend API.
So far, it seems that the .NET stateless cookie sessions has a lot more benefits than JWT stateless cookie sessions (due to automatic secret rotation, etc.).
So far, it seems that the .NET stateless cookie sessions has a lot more benefits than JWT stateless cookie sessions (due to automatic secret rotation, etc.).
