Hi, I need to authorize ios and android application to request my API but globally I don’t know what I need to do. Is one JWT enough? I would likes to make same system as facebook or Spotify. A simple token in my app but I need a secure solution and I don’t know if JWT is enough. Do you have any ideas or advice for me? I must confess that Google answers me that OAuth has nothing to do with what I’m looking for.

Oauth with open id connect support with give you both authentication and authorization. A JWT alone is just identification and not an authorization. Here’s a good video explaining it all.

thank you !