JWT is a format which contains the user information in an encrypted JSON format.
But Bearer Token is what?
Bearer token means that when a party presents a bearer token, it is then allowed access to the resource. We don't validate the requesting party. Having the bearer token is enough.
Is there something like JWT Bearer Token?
JWT Tokens can also server as bearer tokens. Ex In Azure AD authentication using oAuth protocol.
Then why don't we use Bearer Token?
You don't use bearer token when you don't want to blindly trust the party where bearer tokens are coming. In that case you want to verify the requesting party as well. In that case you might want to use the SAML tokens.
How to can I generate custom Bearer Token in ASP.NET MVC Web API?
Generation of a token is the work of an Identity provider. Where i work, the flow is like - Azure AD generates a bearer token in JWT format. The token is then sent to the Azure ad protected resource which then allows access.
I hope i have answered your doubts. Kindly let me know if you have any more doubts or issues. I would be more than happy if someone can point out any mistakes (if any) in the answer.
