How to get data from JWT token and keep requesting it on Client? .Net CoreBest practice for REST token-based authentication with JAX-RS and JerseyJWT authentication for ASP.NET Web APIJWT authentication in SignalR (.NET Core) without passing token in Query StringASP .NET Core Identity default authentication vs JWT authenticationHow to get users from Azure AD when securing asp.net core web api with JWT tokenHow do I get current user in .NET Core Web API (from JWT Token)How to get the user data on google authentication using JWT bearer authentication?How to read a JWT token that has expired.net core 2.0 JWT tokenWindow Authentication in dot net core and Angular 6 with JWT token

How can powerful telekinesis avoid violating Newton's 3rd Law?

I've been given a project I can't complete, what should I do?

Combinatorics problem 25 students problem

Why is long-term living in Almost-Earth causing severe health problems?

As easy as Three, Two, One... How fast can you go from Five to Four?

The origin of the Russian proverb about two hares

Assigning function to function pointer, const argument correctness?

Grandpa has another non math question

Could a person damage a jet airliner - from the outside - with their bare hands?

Was Self-modifying-code possible just using BASIC?

Suppose leased car is totalled: what are financial implications?

Why do radiation hardened IC packages often have long leads?

Housemarks (superimposed & combined letters, heraldry)

Why would a home insurer offer a discount based on credit score?

Do you have to have figures when playing D&D?

If the pressure inside and outside a balloon balance, then why does air leave when it pops?

Do empty drive bays need to be filled?

Convert only certain words to lowercase

Why is the length of the Kelvin unit of temperature equal to that of the Celsius unit?

C++ logging library

What is the reason for setting flaps 1 on the ground at high temperatures?

Diatonic chords of a pentatonic vs blues scale?

Why do the Tie-fighter pilot helmets have similar ridges as the rebels?

Should I refuse to be named as co-author of a low quality paper?



How to get data from JWT token and keep requesting it on Client? .Net Core


Best practice for REST token-based authentication with JAX-RS and JerseyJWT authentication for ASP.NET Web APIJWT authentication in SignalR (.NET Core) without passing token in Query StringASP .NET Core Identity default authentication vs JWT authenticationHow to get users from Azure AD when securing asp.net core web api with JWT tokenHow do I get current user in .NET Core Web API (from JWT Token)How to get the user data on google authentication using JWT bearer authentication?How to read a JWT token that has expired.net core 2.0 JWT tokenWindow Authentication in dot net core and Angular 6 with JWT token






.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty height:90px;width:728px;box-sizing:border-box;








0















Hi I have setup a Web Api in .Net Core 2.2 for authentication using JWT.



I'm using postman for testing and i am able to send



http://localhost:5000/api/account/login




 "Username" : "fred",
 "Password" : "123"



and the response



eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyaWQiOiIxIiwicm9sZSI6IkFkbWluaXN0cmF0b3IiLCJuYmYiOjE1NTM0NjUxMTgsImV4cCI6MTU1MzQ2NTcxOCwiaWF0IjoxNTUzNDY1MTE4fQ.YF0ztM_p9N2UMUJKYTjJHpkvtJwVymhtOy5H5g2qOSs


My problem is, how do i keep the user authenticated and retrieve the data on the Client?



I have this little App in .Net 4.5



User logs in and username and password are sent to web api and return the token.
How and when am i suppose to send the token back to the APi to validate it?






security authentication asp.net-core jwt asp.net-core-webapi







share|improve this question






















  • What is your client? Is it angular or MVC? For web api, it is stateless, for accessing security resource, you need to append the token with bearer in your request. For validating the token, this is implemented by app.UseAuthentication();. Check this doc ASP.NET Core 2.2 - JWT Authentication Tutorial with Example API

    – Tao Zhou
    Mar 25 at 1:49

















0















Hi I have setup a Web Api in .Net Core 2.2 for authentication using JWT.



I'm using postman for testing and i am able to send



http://localhost:5000/api/account/login




 "Username" : "fred",
 "Password" : "123"



and the response



eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyaWQiOiIxIiwicm9sZSI6IkFkbWluaXN0cmF0b3IiLCJuYmYiOjE1NTM0NjUxMTgsImV4cCI6MTU1MzQ2NTcxOCwiaWF0IjoxNTUzNDY1MTE4fQ.YF0ztM_p9N2UMUJKYTjJHpkvtJwVymhtOy5H5g2qOSs


My problem is, how do i keep the user authenticated and retrieve the data on the Client?



I have this little App in .Net 4.5



User logs in and username and password are sent to web api and return the token.
How and when am i suppose to send the token back to the APi to validate it?






security authentication asp.net-core jwt asp.net-core-webapi







share|improve this question






















  • What is your client? Is it angular or MVC? For web api, it is stateless, for accessing security resource, you need to append the token with bearer in your request. For validating the token, this is implemented by app.UseAuthentication();. Check this doc ASP.NET Core 2.2 - JWT Authentication Tutorial with Example API

    – Tao Zhou
    Mar 25 at 1:49













0












0








0








Hi I have setup a Web Api in .Net Core 2.2 for authentication using JWT.



I'm using postman for testing and i am able to send



http://localhost:5000/api/account/login




 "Username" : "fred",
 "Password" : "123"



and the response



eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyaWQiOiIxIiwicm9sZSI6IkFkbWluaXN0cmF0b3IiLCJuYmYiOjE1NTM0NjUxMTgsImV4cCI6MTU1MzQ2NTcxOCwiaWF0IjoxNTUzNDY1MTE4fQ.YF0ztM_p9N2UMUJKYTjJHpkvtJwVymhtOy5H5g2qOSs


My problem is, how do i keep the user authenticated and retrieve the data on the Client?



I have this little App in .Net 4.5



User logs in and username and password are sent to web api and return the token.
How and when am i suppose to send the token back to the APi to validate it?






security authentication asp.net-core jwt asp.net-core-webapi







share|improve this question














Hi I have setup a Web Api in .Net Core 2.2 for authentication using JWT.



I'm using postman for testing and i am able to send



http://localhost:5000/api/account/login




 "Username" : "fred",
 "Password" : "123"



and the response



eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyaWQiOiIxIiwicm9sZSI6IkFkbWluaXN0cmF0b3IiLCJuYmYiOjE1NTM0NjUxMTgsImV4cCI6MTU1MzQ2NTcxOCwiaWF0IjoxNTUzNDY1MTE4fQ.YF0ztM_p9N2UMUJKYTjJHpkvtJwVymhtOy5H5g2qOSs


My problem is, how do i keep the user authenticated and retrieve the data on the Client?



I have this little App in .Net 4.5



User logs in and username and password are sent to web api and return the token.
How and when am i suppose to send the token back to the APi to validate it?






security authentication asp.net-core jwt asp.net-core-webapi




security authentication asp.net-core jwt asp.net-core-webapi






share|improve this question













share|improve this question











share|improve this question




share|improve this question










asked Mar 24 at 22:10









ruipascoalruipascoal

177




177












  • What is your client? Is it angular or MVC? For web api, it is stateless, for accessing security resource, you need to append the token with bearer in your request. For validating the token, this is implemented by app.UseAuthentication();. Check this doc ASP.NET Core 2.2 - JWT Authentication Tutorial with Example API

    – Tao Zhou
    Mar 25 at 1:49

















  • What is your client? Is it angular or MVC? For web api, it is stateless, for accessing security resource, you need to append the token with bearer in your request. For validating the token, this is implemented by app.UseAuthentication();. Check this doc ASP.NET Core 2.2 - JWT Authentication Tutorial with Example API

    – Tao Zhou
    Mar 25 at 1:49
















What is your client? Is it angular or MVC? For web api, it is stateless, for accessing security resource, you need to append the token with bearer in your request. For validating the token, this is implemented by app.UseAuthentication();. Check this doc ASP.NET Core 2.2 - JWT Authentication Tutorial with Example API

– Tao Zhou
Mar 25 at 1:49





What is your client? Is it angular or MVC? For web api, it is stateless, for accessing security resource, you need to append the token with bearer in your request. For validating the token, this is implemented by app.UseAuthentication();. Check this doc ASP.NET Core 2.2 - JWT Authentication Tutorial with Example API

– Tao Zhou
Mar 25 at 1:49












2 Answers
2






active

oldest

votes


















1














When I create a token using JWT for an api and want to test using it in Postman, the Header needs to have the word "Bearer" in front of the token. So for example, you want to retrieve data (Client) so its a Post method with the Header Key: Authorization Value: Bearer (Your Token)cut and paste your token with space behind "Bearer".






share|improve this answer






























    0














    This flow might help you. This is just a pseudo code.



    User logs in from client side. You redirect to home page after saving token in local storage.



    http.post("mysite.me/api/token", userCredentialsDto).subscribe(token => 
     localstorage.save(token);
     redirectTo["/home"];
    );


    The request goes to TokenController.cs:



    [HttpPost]
    public string Post(UserCredentialsDto userCreds)

     _validationService.validate(userCreds);
     return _jwtService.CreateToken(userCreds);



    When you go to home page or whatever page you want, you can get the access token form your local storage attach that token to each requests header before sending it to the server.



    The thing to note here is that, the access token is what authenticates the user so, util your access token expires your user is authenticated. Once the access token expires, you can user the refresh token to refresh your token and continue using you app.



    JWT is base64 encoded. You can easily decode it in client side. Also .Net core automatically binds the JWT claims to HttpContext.User object, after successful authentication.






    share|improve this answer

























      Your Answer






      StackExchange.ifUsing("editor", function ()
      StackExchange.using("externalEditor", function ()
      StackExchange.using("snippets", function ()
      StackExchange.snippets.init();
      );
      );
      , "code-snippets");

      StackExchange.ready(function()
      var channelOptions =
      tags: "".split(" "),
      id: "1"
      ;
      initTagRenderer("".split(" "), "".split(" "), channelOptions);

      StackExchange.using("externalEditor", function()
      // Have to fire editor after snippets, if snippets enabled
      if (StackExchange.settings.snippets.snippetsEnabled)
      StackExchange.using("snippets", function()
      createEditor();
      );

      else
      createEditor();

      );

      function createEditor()
      StackExchange.prepareEditor(
      heartbeatType: 'answer',
      autoActivateHeartbeat: false,
      convertImagesToLinks: true,
      noModals: true,
      showLowRepImageUploadWarning: true,
      reputationToPostImages: 10,
      bindNavPrevention: true,
      postfix: "",
      imageUploader:
      brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
      contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
      allowUrls: true
      ,
      onDemand: true,
      discardSelector: ".discard-answer"
      ,immediatelyShowMarkdownHelp:true
      );



      );













      draft saved

      draft discarded


















      StackExchange.ready(
      function ()
      StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55329079%2fhow-to-get-data-from-jwt-token-and-keep-requesting-it-on-client-net-core%23new-answer', 'question_page');

      );

      Post as a guest















      Required, but never shown

























      2 Answers
      2






      active

      oldest

      votes








      2 Answers
      2






      active

      oldest

      votes









      active

      oldest

      votes






      active

      oldest

      votes









      1














      When I create a token using JWT for an api and want to test using it in Postman, the Header needs to have the word "Bearer" in front of the token. So for example, you want to retrieve data (Client) so its a Post method with the Header Key: Authorization Value: Bearer (Your Token)cut and paste your token with space behind "Bearer".






      share|improve this answer



























        1














        When I create a token using JWT for an api and want to test using it in Postman, the Header needs to have the word "Bearer" in front of the token. So for example, you want to retrieve data (Client) so its a Post method with the Header Key: Authorization Value: Bearer (Your Token)cut and paste your token with space behind "Bearer".






        share|improve this answer

























          1












          1








          1







          When I create a token using JWT for an api and want to test using it in Postman, the Header needs to have the word "Bearer" in front of the token. So for example, you want to retrieve data (Client) so its a Post method with the Header Key: Authorization Value: Bearer (Your Token)cut and paste your token with space behind "Bearer".






          share|improve this answer













          When I create a token using JWT for an api and want to test using it in Postman, the Header needs to have the word "Bearer" in front of the token. So for example, you want to retrieve data (Client) so its a Post method with the Header Key: Authorization Value: Bearer (Your Token)cut and paste your token with space behind "Bearer".







          share|improve this answer












          share|improve this answer



          share|improve this answer










          answered Mar 25 at 0:19









          t double ut double u

          111




          111























              0














              This flow might help you. This is just a pseudo code.



              User logs in from client side. You redirect to home page after saving token in local storage.



              http.post("mysite.me/api/token", userCredentialsDto).subscribe(token => 
               localstorage.save(token);
               redirectTo["/home"];
              );


              The request goes to TokenController.cs:



              [HttpPost]
              public string Post(UserCredentialsDto userCreds)

               _validationService.validate(userCreds);
               return _jwtService.CreateToken(userCreds);



              When you go to home page or whatever page you want, you can get the access token form your local storage attach that token to each requests header before sending it to the server.



              The thing to note here is that, the access token is what authenticates the user so, util your access token expires your user is authenticated. Once the access token expires, you can user the refresh token to refresh your token and continue using you app.



              JWT is base64 encoded. You can easily decode it in client side. Also .Net core automatically binds the JWT claims to HttpContext.User object, after successful authentication.






              share|improve this answer





























                0














                This flow might help you. This is just a pseudo code.



                User logs in from client side. You redirect to home page after saving token in local storage.



                http.post("mysite.me/api/token", userCredentialsDto).subscribe(token => 
                 localstorage.save(token);
                 redirectTo["/home"];
                );


                The request goes to TokenController.cs:



                [HttpPost]
                public string Post(UserCredentialsDto userCreds)

                 _validationService.validate(userCreds);
                 return _jwtService.CreateToken(userCreds);



                When you go to home page or whatever page you want, you can get the access token form your local storage attach that token to each requests header before sending it to the server.



                The thing to note here is that, the access token is what authenticates the user so, util your access token expires your user is authenticated. Once the access token expires, you can user the refresh token to refresh your token and continue using you app.



                JWT is base64 encoded. You can easily decode it in client side. Also .Net core automatically binds the JWT claims to HttpContext.User object, after successful authentication.






                share|improve this answer



























                  0












                  0








                  0







                  This flow might help you. This is just a pseudo code.



                  User logs in from client side. You redirect to home page after saving token in local storage.



                  http.post("mysite.me/api/token", userCredentialsDto).subscribe(token => 
                   localstorage.save(token);
                   redirectTo["/home"];
                  );


                  The request goes to TokenController.cs:



                  [HttpPost]
                  public string Post(UserCredentialsDto userCreds)

                   _validationService.validate(userCreds);
                   return _jwtService.CreateToken(userCreds);



                  When you go to home page or whatever page you want, you can get the access token form your local storage attach that token to each requests header before sending it to the server.



                  The thing to note here is that, the access token is what authenticates the user so, util your access token expires your user is authenticated. Once the access token expires, you can user the refresh token to refresh your token and continue using you app.



                  JWT is base64 encoded. You can easily decode it in client side. Also .Net core automatically binds the JWT claims to HttpContext.User object, after successful authentication.






                  share|improve this answer















                  This flow might help you. This is just a pseudo code.



                  User logs in from client side. You redirect to home page after saving token in local storage.



                  http.post("mysite.me/api/token", userCredentialsDto).subscribe(token => 
                   localstorage.save(token);
                   redirectTo["/home"];
                  );


                  The request goes to TokenController.cs:



                  [HttpPost]
                  public string Post(UserCredentialsDto userCreds)

                   _validationService.validate(userCreds);
                   return _jwtService.CreateToken(userCreds);



                  When you go to home page or whatever page you want, you can get the access token form your local storage attach that token to each requests header before sending it to the server.



                  The thing to note here is that, the access token is what authenticates the user so, util your access token expires your user is authenticated. Once the access token expires, you can user the refresh token to refresh your token and continue using you app.



                  JWT is base64 encoded. You can easily decode it in client side. Also .Net core automatically binds the JWT claims to HttpContext.User object, after successful authentication.







                  share|improve this answer














                  share|improve this answer



                  share|improve this answer








                  edited Mar 25 at 7:59

























                  answered Mar 25 at 7:48









                  ShahbaazShahbaaz

                  13516




                  13516



























                      draft saved

                      draft discarded
















































                      Thanks for contributing an answer to Stack Overflow!


                      • Please be sure to answer the question. Provide details and share your research!

                      But avoid


                      • Asking for help, clarification, or responding to other answers.

                      • Making statements based on opinion; back them up with references or personal experience.

                      To learn more, see our tips on writing great answers.




                      draft saved


                      draft discarded














                      StackExchange.ready(
                      function ()
                      StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55329079%2fhow-to-get-data-from-jwt-token-and-keep-requesting-it-on-client-net-core%23new-answer', 'question_page');

                      );

                      Post as a guest















                      Required, but never shown





















































                      Required, but never shown














                      Required, but never shown












                      Required, but never shown







                      Required, but never shown

































                      Required, but never shown














                      Required, but never shown












                      Required, but never shown







                      Required, but never shown







                      -

                      Popular posts from this blog

                      Kamusi Yaliyomo Aina za kamusi | Muundo wa kamusi | Faida za kamusi | Dhima ya picha katika kamusi | Marejeo | Tazama pia | Viungo vya nje | UrambazajiKuhusu kamusiGo-SwahiliWiki-KamusiKamusi ya Kiswahili na Kiingerezakuihariri na kuongeza habari

                      Image
                      Pages using ISBN magic linksMbegu za lughaKamusiIsimu nenoKiarabukitabulughaKiswahilialfabetimaanaufafanuzimanenomuhtasarisarufividahizoalfabeti Kamusi Kutoka Wikipedia, kamusi elezo huru Jump to navigation Jump to search Kamusi za Kiswahili Kamusi ya Kiswahili-Kiswahili (kamusi wahidiya) Kamusi ya Kiswahili - Kiingereza (kamusi thania) Kamusi (kutoka neno la Kiarabu قاموس qamus ) ni kitabu ambacho kinaorodhesha maneno ya lugha yaliyokusanywa kutoka kwa watumiaji wa lugha fulani, kwa mfano lugha ya Kiswahili. Maneno hupangwa kwa mtindo wa alfabeti, hutoa maana, asili na ufafanuzi wa utumizi wa maneno na jinsi yanavyotumika au yanavyotamkwa. [1] Yaliyomo 1 Aina za kamusi 2 Muundo wa kamusi 2.1 1. Utangulizi wa kamusi 2.2 2. Matini ya kamusi 2.3 3. Sherehe ya kamusi 3 Faida za kamusi 4 Dhima ya picha katika kamusi 5 Marejeo 6 Tazama pia 7 Viungo vya nje Aina za kamusi | Kuna aina mbalimbali za kamusi ambazo ni: Kamusi wahidiya yaani ya l
                      Read more

                      Swift 4 - func physicsWorld not invoked on collision? The Next CEO of Stack OverflowHow to call Objective-C code from Swift#ifdef replacement in the Swift language@selector() in Swift?#pragma mark in Swift?Swift for loop: for index, element in array?dispatch_after - GCD in Swift?Swift Beta performance: sorting arraysSplit a String into an array in Swift?The use of Swift 3 @objc inference in Swift 4 mode is deprecated?How to optimize UITableViewCell, because my UITableView lags

                      Image
                      Strange use of "whether ... than ..." in official text Could a dragon use its wings to swim? Car headlights in a world without electricity How to avoid supervisors with prejudiced views? Is the offspring between a demon and a celestial possible? If so what is it called and is it in a book somewhere? Can I board the first leg of the flight without having final country's PR card? subequations: How to continue numbering within subequation? How do you define an element with an ID attribute using LWC? Relevant Part for a Badminton Serve What CSS properties can the br tag have? What are the unusually-enlarged wing sections on this P-38 Lightning? Why did early computer designers eschew integers? Is it a bad idea to plug the other end of ESD strap to wall ground? Magento 1.9 observer on only new product added ( no updated product ) Airplane gently rocking its wings during whole flight It is correct to match light sources with the same color temperat
                      Read more

                      Access current req object everywhere in Node.js ExpressWhy are global variables considered bad practice? (node.js)Using req & res across functionsHow do I get the path to the current script with Node.js?What is Node.js' Connect, Express and “middleware”?Node.js w/ express error handling in callbackHow to access the GET parameters after “?” in Express?Modify Node.js req object parametersAccess “app” variable inside of ExpressJS/ConnectJS middleware?Node.js Express app - request objectAngular Http Module considered middleware?Session variables in ExpressJSAdd properties to the req object in expressjs with Typescript

                      Image
                      What steps should I take to lawfully visit the United States as a tourist immediately after visiting on a B-1 visa? Would dual wielding daggers be a viable choice for a covert bodyguard? For a hashing function like MD5, how similar can two plaintext strings be and still generate the same hash? Using Newton's shell theorem to accelerate a spaceship Why doesn't sea level show seasonality? What prevents someone from claiming to be the murderer in order to get the real murderer off? Has anyone in space seen or photographed a simple laser pointer from Earth? What does (void *)1 mean Why does the U.S. tolerate foreign influence from Saudi Arabia and Israel on its domestic policies while not tolerating that from China or Russia? Modulus Operandi What's the point of having a RAID 1 configuration over incremental backups to a secondary drive? How to ask for a LinkedIn endorsement? Good resources for solving techniques (Metaheuristics, MILP, CP etc) How woul
                      Read more