Update the documentation pages

This commit is contained in:
OpenIddict Bot
2020-07-03 21:51:56 +00:00
parent f4f15466c4
commit cf7d02d6d9
20 changed files with 870 additions and 792 deletions


@@ -8,7 +8,7 @@
<title>Understanding the different token formats </title>
<meta name="viewport" content="width=device-width">
<meta name="title" content="Understanding the different token formats ">
<meta name="generator" content="docfx 2.24.0.0">
<meta name="generator" content="docfx 2.45.1.0">
<link rel="shortcut icon" href="../favicon.ico">
<link rel="stylesheet" href="../styles/docfx.vendor.css">
@@ -20,7 +20,7 @@
</head>
<body data-spy="scroll" data-target="#affix">
<body data-spy="scroll" data-target="#affix" data-offset="120">
<div id="wrapper">
<header>
@@ -100,7 +100,7 @@
<hr>
<h2 id="reference-tokens">Reference tokens</h2>
<p>When using reference token format, authorization codes, access tokens and refresh tokens are stored as ciphertext in the database and a crypto-secure random identifier is returned to the client application.</p>
<h3 id="benefits">Benefits</h3>
<h3 id="benefits-1">Benefits</h3>
<ul>
<li>Minimal configuration required</li>
<li>Uses OpenIddict&#39;s built-in validation</li>
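Review bot: renaming the heading id from `benefits` to `benefits-1` (with the matching `drawbacks-1` and `setup-and-api-validation-configuration-1` further down) breaks any existing deep link to `#benefits`. The numeric suffix is the generator's disambiguation for repeated "Benefits"/"Drawbacks" headings, so it will shift again whenever a section above it is added or removed; giving each repeated heading a distinct title in the source markdown (for example "Benefits of reference tokens") would make the anchor stable and self-describing.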
@@ -109,30 +109,30 @@
<li>Issued tokens are tracked in data store</li>
<li>Can immediately be revoked</li>
</ul>
<h3 id="drawbacks">Drawbacks</h3>
<h3 id="drawbacks-1">Drawbacks</h3>
<ul>
<li>.NET Core validation only (although someone could write it for other platforms)</li>
<li>Requires a connection to OpenIddict&#39;s data store, e.g. Entity Framework DataContext. Resource servers may not want to have to reference OpenIddict&#39;s database</li>
<li>Because only ids are in the access tokens, a call to the database is required for every request</li>
</ul>
<h3 id="setup-and-api-validation-configuration">Setup and API validation configuration</h3>
<h3 id="setup-and-api-validation-configuration-1">Setup and API validation configuration</h3>
<p><a href="../configuration/token-setup-and-validation.html#reference-token-format">Here</a></p>
<hr>
<h2 id="jwts-json-web-tokens">JWTs (JSON Web Tokens)</h2>
<p>These are standard tokens verifiable by third parties, used by Azure Active Directory, Auth0, and other valid OAuth 2.0 service. They are signed by the authorization server but their contents are not encrypted so they can be read by anyone.</p>
<h3 id="benefits">Benefits</h3>
<h3 id="benefits-2">Benefits</h3>
<ul>
<li>Good to be familiar with JWTs because they are a commonly used access token type in OAuth 2.0 and are also <code>id token</code> type</li>
<li>Plenty of platforms include JWT validation libraries (.NET, PHP, Node, Python, etc)</li>
<li>Future proof</li>
</ul>
<h3 id="drawbacks">Drawbacks</h3>
<h3 id="drawbacks-2">Drawbacks</h3>
<ul>
<li>Anyone can inspect contents (see <a href="https://jwt.io/">https://jwt.io/</a>), so if token is hanging around in a log somewhere or intercepted somehow all claims or other information in the token can be read, even if token is expired</li>
<li>Claims are stored within the token, which is convenient but token size could get large if there are a lot of claims (probably not an issue in real-world scenarios)</li>
<li>Token expiration is in the token itself, so even if users sign out their tokens will still be valid until they reach their expiration</li>
</ul>
<h3 id="setup-and-api-validation-configuration">Setup and API validation configuration</h3>
<h3 id="setup-and-api-validation-configuration-2">Setup and API validation configuration</h3>
<p><a href="../configuration/token-setup-and-validation.html#jwts">Here</a></p>
</article>
</div>
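Review bot: the two `Here` links target `../configuration/token-setup-and-validation.html#reference-token-format` and `#jwts`, anchors on another regenerated page. Since this commit renumbers heading ids on this page (`-1`, `-2` suffixes), confirm that the target page's anchors were not renamed in the same regeneration, otherwise both links silently land at the top of that page. A link text that names the destination ("Reference token setup", "JWT setup") would also read better than a bare "Here".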
@@ -162,7 +162,7 @@
<a href="#top">Back to top</a>
</span>
<span>Copyright © 2015-2017 Microsoft<br>Generated by <strong>DocFX</strong></span>
<span>Generated by <strong>DocFX</strong></span>
</div>
</div>
</footer>
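Review bot: dropping `Copyright © 2015-2017 Microsoft` from the footer removes the template's default notice, but nothing replaces it and the footer now carries only the generator credit. If the project intends its own copyright or license statement on the generated pages, add it to the footer template in this hunk rather than leaving the footer empty of attribution.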