I have two app.
1) ASP.NET Core 2.0 MVC App with JWT authentication implemented.
2) ASP.NET Core 2.0 API app.
Now I want to secure the API app without using any 3rd party identiti provider. User logged in MVC app with their username and password, get jwt token, and then call API with this token. How the API understand this token without registering API with Indentity Provider?
Thanks.