Hi I was wondering how people were handling the combination of standard user/password registration and OAuth with facebook, google etc.
Would you in essence probably have multiple criteria around if your JWT token is valid? i.e. google as an issuer is ok and facebook and your own auth server api is valid?
I've been reading here:
https://eidand.com/2015/04/22/xamarin-ios-authentication-using-owin-web-api2-json-web-tokens/ and here: