Vocabulary used by the diagrams and component notes.
ID token (JWT)
Signed token that represents the authenticated user and is sent to app APIs.
Refresh token
Long-lived token used only with the auth server to mint a new ID token.
OIDC (OpenID Connect)
Identity layer on top of OAuth 2.0 used for user authentication flows.
Auth server
Service that verifies identity, issues tokens, and handles refresh/revocation.
Shared Header
Navigation is provided by Platform2040's shared app-header.js component.
CDN source
https://platform2040.com/static/app-header.js — loaded before nav.js in every template.
nav.js
Thin config calling AppHeader.create() with AuthReturn-specific brand and links. Throws if AppHeader is not defined.
Architecture Options Lab
Historical design note. This section documents tradeoffs from the earlier architecture decision process. Diagram nodes include deep links to Full Stack lessons.
Current production implementation: Cognito + Refresh Tokens.