I was looking at the authentication token used in my network requests to a software that we use at work. I noticed that this is not a general JWT OAuth token but some XML based token. I guess, old way of doing things. I am particularly interested as to why do they need my IP address?
Is there a legitimate security reason to need it? My guess is to ensure that no other machine can reuse the token.