328
CHAPTER 8 | Make secure .NET Microservices and Web Applications
With this middleware in place, JWT tokens are automatically extracted from authorization headers.
They are then deserialized, validated (using the values in the
Audience
and
Authority
parameters),
and stored as user information to be referenced later by MVC actions or authorization filters.
The JWT bearer authentication middleware can also support
more advanced scenarios, such as using a
local certificate to validate a token if the authority is not available. For this scenario, you can specify a
TokenValidationParameters
object in the
JwtBearerOptions
object.
Additional resources
•
Dostları ilə paylaş: