[kaoD]

So if I get this correctly, this is mostly useful for microservices and would be kinda pointless for a monolithic architecture?

[growse]

Not even necessarily microservers. If you want a common authentication system used by lots of disparate services, token based Auth is a reasonable approach.

If you've just got one service endpoint, it doesn't buy you very much. Just mint a session token and be done with it.