PSJsonWebToken VS jose-jwt

So it depends on if your endpoint accepts JWTs. Generally I obtain a JWT from a seperate endpoint by passing a client ID and secret via IRM. The other way for endpoints that I "own" is that I generate one myself via New-JsonWebToken in my PSJsonWebToken module. Examples in readme here under "Token decoding, creation, and validation": https://github.com/anthonyg-1/PSJsonWebToken

Hello again! I've written a PowerShell module, PSJsonWebToken, that contains functions to create, validate, and test JSON Web Tokens (JWT) as well as the creation of JSON Web Keys (JWK). This module has been useful to me in validating the security of endpoints that accept JWTs for authentication as well as generating JWKs for signature verification for JWTs in an OpenID Connect flow. There are also some advanced functions for base64 decoding and encoding, exporting .NET X509Certificate objects to formatted strings, etc. https://github.com/anthonyg-1/PSJsonWebToken

Use the jose-jwt library and thank me later

As far as using something other than oAuth its all about what your app supports. If basic authentication is supported, go ahead and send your credentials straight to the server as a -credential and skip ADFS. The REST API we have at work can handle tokens signed with different keys so if a client wanted to generate a RSA keypair and share the public key with us they could generate and sign their own token (jose-jwt works well in PS for this) and submit it straight to the server without going through ADFS. Again, its all about what your app is capable of.