I want to create Angular 9 + Spring Boot application with strong security complaint to PCI-DSS security standard.
Which security protocol is preferred for user sessions in order to have high security when we use Angular and Spring Boot:
- Session cookies
- OAuth2 + JWT
for now I’m thinking to secure the application using JWT. Can you share what issue might I have using JWT and is it a good choice?