Sasha,
What does JWT contain ? Does it can contain full fledged Smsession ? or is it some sort of ssotoken like sessionspec/encrypted string which gets validated with policy server ?
Also if it can have Smsession then is it possible to extract same session cookie from JWT which may be on a native app and can be utilized to authenticate to mobile web application for a seamless experience.
Thanks for the help in advance.
Thanks and Regards,
Yatin..