I'm trying to create a website with Blazor Webassembly. The site uses an API protected by Windows Authentication. The site is intended for internal use within a company's own network. Do I need to implement tokens for authentication or is Windows Authentication enough to authenticate to the API?
The application works as intended, using only Windows Authentication. I'd like to know if it's a better practice to implement jwt tokens or others?