Forum Discussion
Daniel_Wolf
Oct 15, 2021MVP
Hi ,
what kind of brute force attacks do you expect on this authentication method?
You could configure the BIG-IP to validate the JWT token. I am guessing now - is the mobile app accessing some kind of API and the JWT is used for authentication? Then maybe you want to look at APM and API Protection. You can do token validation and rate limiting with API Protection.
Link: API Protection Concepts
Another good read on JWT is this one: JWT: A How Not to Guide
I hope this is a good starting point for you.
KR
Daniel