How to create a WebAPI authenticated by JWT?

JSON Web Token (JWT) is an open standard (RFC 7519) to exchange information securely via a signed token. For example, a server could issue a token with the claim "user identified as an administrator" and provide it to the client. The client could then use the token to prove that the user is logged in as an administrator.

Personally, it is a solution that I find elegant because
- Simple to set up: a few configuration lines and the use of the [Authorize] attribute,
- Easily manage my own security rules when checking the username and password,
- Very easy to test in client applications: just add an HTTP header "Authorization: Bearer [Token]".
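
The setup summarised above, written out as an added example (it is not the video's code): the bearer validation settings, the middleware order, token issuing and a protected controller. The issuer, audience, `Jwt:Key` setting name and `ReportsController` are assumptions made for illustration.

```csharp
// Added example, ASP.NET Core 2.x; AddJwtBearer comes from the Microsoft.AspNetCore.Authentication.JwtBearer package.
using System;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Text;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.IdentityModel.Tokens;

public class Startup
{
    public const string Issuer = "https://api.example.test";  // assumed value
    public const string Audience = "example-clients";         // assumed value
    public static SymmetricSecurityKey Key;                   // long random secret, kept out of source control
    public Startup(IConfiguration config) =>
        Key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(config["Jwt:Key"])); // assumed setting name
    public void ConfigureServices(IServiceCollection services)
    {
        services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
            .AddJwtBearer(o => o.TokenValidationParameters = new TokenValidationParameters
            {
                ValidateIssuerSigningKey = true, IssuerSigningKey = Key,  // signature check, no data store needed
                ValidateIssuer = true, ValidIssuer = Issuer,
                ValidateAudience = true, ValidAudience = Audience,
                ValidateLifetime = true, ClockSkew = TimeSpan.FromSeconds(30) // default skew is 5 minutes
            });
        services.AddMvc();
    }
    public void Configure(IApplicationBuilder app)
    {
        app.UseAuthentication(); // must come before UseMvc so [Authorize] sees the authenticated user
        app.UseMvc();
    }
    // Call only after the username and password have been verified.
    public static string IssueToken(string user, string role) =>
        new JwtSecurityTokenHandler().WriteToken(new JwtSecurityToken(Issuer, Audience,
            new[] { new Claim(ClaimTypes.Name, user), new Claim(ClaimTypes.Role, role) },
            expires: DateTime.UtcNow.AddMinutes(15), signingCredentials: new SigningCredentials(Key, SecurityAlgorithms.HmacSha256)));
}

[Authorize(Roles = "Administrator"), Route("api/[controller]")]
public class ReportsController : ControllerBase
{
    [HttpGet] public IActionResult Get() => Ok($"Hello {User.Identity.Name}");
}
```

Each token carries its own user name, role and expiry, so the API validates every request from the signature and claims alone, without a session.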

Comments

Nice music, I was here for a JWT authorize module in Java but I stayed for the music :P.

sicariushahni

best JWT tutorials ever. many thanks :)

Vietnamcamping

Can you please help? I'm getting an error like this: "Authentication builder does not contain definition for addjwtbearer ..." when I'm adding AddJwtBearer (at 3:17).

ankitamishra

Thanks sir very well explained without wasting time

shivaganga

/*error*/ services.AddAuthentication() doesn't have AddJwtBearer() method...

tonyriddle

If you get a BAD REQUEST, make sure
app.UseAuthentication(); <---- this line is before app.UseMvc()
app.UseMvc();

mrkzmusic

It's a great video fast and precise ty

uzielGamePlays

Great tutorial, but some advice: unpin your solution explorer so it's easier to follow.

Stangil

Nice video.. got knowledge.. thanks Denis

KrishnaYajjala

How does the authorize attribute check if the token is valid if you don’t have a data store hooked up?

variableproductions

Can you please make a video in which we don't have to use postman instead we are able to directly pass token into the header.

tamannasharma

Best tutorial for JWT, sir, but I have a question...
Suppose more than one user logs in at a time, will the token be the same or different for each? And one more thing: there is no session in an API application, so how do we store the token and validate it on each request for each user?

manojgp

I can't understand: I have all the project running and then I create a new application apart from this web API. How am I going to consume this web API?

sergiopaz

When I copy and paste the token in the JWT site, it displays the error "invalid token". But when I check the box "secret base64 encoded", then it's verified. Any help is welcome.

MariosN

I want to know how to use the refresh tokens in JWT. Will you do a video for us?

ezhilt

hey, I know I'm a bit late but I followed your tutorial step by step and when I tried to add the username and password in the URL and generate a token, I got this exception 'IDX10603: Decryption failed. Keys tried: '[PII is hidden]'.
Exceptions caught:
'[PII is hidden]'.
token: '[PII is hidden]''. Do you know what it can mean and how to fix, I couldn't find anything that could help?

mariapishtiyska

Good demo...
You have demonstrated to newbies like me that you can add authorization to webservice calls.
Do you have a video that covers validation of a user authorization?

far-red

Hi sir, this is so helpful for me. thank you. Will you please direct me to generate access token after expired by refresh token?

vaghelagaurav

It would help a lot if you actually explained what you were doing rather than us having to listen to a load of ambient music and watch you laboriously type and flip between pages to try and figure out what and why you're doing stuff!! Please go and view other proper tutorial videos to see how much more useful they are!

stealthworks

Hello dev,
I am planning to write an API for my institute. It's a group project which includes an API and several client sides per group member. The clients will either be written in JS or Python and the API in C#. Now the scenario is:
1) I need to authorize the role, as there will be several roles, once a request is received on the API
2) I need to authenticate the request, whether it is originating from the designated clients and not from any client side.

How should I do it? I know I need identity server for role authorization, but how do I validate the origin of the request?
Further, how will the API know the role? I mean, will I receive it from form or query or what, as we use the authorize attribute in ASP MVC?

masifakbar