How to get data from JWT token and keep requesting it on Client? .Net CoreBest practice for REST token-based authentication with JAX-RS and JerseyJWT authentication for ASP.NET Web APIJWT authentication in SignalR (.NET Core) without passing token in Query StringASP .NET Core Identity default authentication vs JWT authenticationHow to get users from Azure AD when securing asp.net core web api with JWT tokenHow do I get current user in .NET Core Web API (from JWT Token)How to get the user data on google authentication using JWT bearer authentication?How to read a JWT token that has expired.net core 2.0 JWT tokenWindow Authentication in dot net core and Angular 6 with JWT token

How can powerful telekinesis avoid violating Newton's 3rd Law?

I've been given a project I can't complete, what should I do?

Combinatorics problem 25 students problem

Why is long-term living in Almost-Earth causing severe health problems?

As easy as Three, Two, One... How fast can you go from Five to Four?

The origin of the Russian proverb about two hares

Assigning function to function pointer, const argument correctness?

Grandpa has another non math question

Could a person damage a jet airliner - from the outside - with their bare hands?

Was Self-modifying-code possible just using BASIC?

Suppose leased car is totalled: what are financial implications?

Why do radiation hardened IC packages often have long leads?

Housemarks (superimposed & combined letters, heraldry)

Why would a home insurer offer a discount based on credit score?

Do you have to have figures when playing D&D?

If the pressure inside and outside a balloon balance, then why does air leave when it pops?

Do empty drive bays need to be filled?

Convert only certain words to lowercase

Why is the length of the Kelvin unit of temperature equal to that of the Celsius unit?

C++ logging library

What is the reason for setting flaps 1 on the ground at high temperatures?

Diatonic chords of a pentatonic vs blues scale?

Why do the Tie-fighter pilot helmets have similar ridges as the rebels?

Should I refuse to be named as co-author of a low quality paper?



How to get data from JWT token and keep requesting it on Client? .Net Core


Best practice for REST token-based authentication with JAX-RS and JerseyJWT authentication for ASP.NET Web APIJWT authentication in SignalR (.NET Core) without passing token in Query StringASP .NET Core Identity default authentication vs JWT authenticationHow to get users from Azure AD when securing asp.net core web api with JWT tokenHow do I get current user in .NET Core Web API (from JWT Token)How to get the user data on google authentication using JWT bearer authentication?How to read a JWT token that has expired.net core 2.0 JWT tokenWindow Authentication in dot net core and Angular 6 with JWT token






.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty height:90px;width:728px;box-sizing:border-box;








0















Hi I have setup a Web Api in .Net Core 2.2 for authentication using JWT.



I'm using postman for testing and i am able to send



http://localhost:5000/api/account/login




 "Username" : "fred",
 "Password" : "123"



and the response



eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyaWQiOiIxIiwicm9sZSI6IkFkbWluaXN0cmF0b3IiLCJuYmYiOjE1NTM0NjUxMTgsImV4cCI6MTU1MzQ2NTcxOCwiaWF0IjoxNTUzNDY1MTE4fQ.YF0ztM_p9N2UMUJKYTjJHpkvtJwVymhtOy5H5g2qOSs


My problem is, how do i keep the user authenticated and retrieve the data on the Client?



I have this little App in .Net 4.5



User logs in and username and password are sent to web api and return the token.
How and when am i suppose to send the token back to the APi to validate it?






security authentication asp.net-core jwt asp.net-core-webapi







share|improve this question






















  • What is your client? Is it angular or MVC? For web api, it is stateless, for accessing security resource, you need to append the token with bearer in your request. For validating the token, this is implemented by app.UseAuthentication();. Check this doc ASP.NET Core 2.2 - JWT Authentication Tutorial with Example API

    – Tao Zhou
    Mar 25 at 1:49

















0















Hi I have setup a Web Api in .Net Core 2.2 for authentication using JWT.



I'm using postman for testing and i am able to send



http://localhost:5000/api/account/login




 "Username" : "fred",
 "Password" : "123"



and the response



eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyaWQiOiIxIiwicm9sZSI6IkFkbWluaXN0cmF0b3IiLCJuYmYiOjE1NTM0NjUxMTgsImV4cCI6MTU1MzQ2NTcxOCwiaWF0IjoxNTUzNDY1MTE4fQ.YF0ztM_p9N2UMUJKYTjJHpkvtJwVymhtOy5H5g2qOSs


My problem is, how do i keep the user authenticated and retrieve the data on the Client?



I have this little App in .Net 4.5



User logs in and username and password are sent to web api and return the token.
How and when am i suppose to send the token back to the APi to validate it?






security authentication asp.net-core jwt asp.net-core-webapi







share|improve this question






















  • What is your client? Is it angular or MVC? For web api, it is stateless, for accessing security resource, you need to append the token with bearer in your request. For validating the token, this is implemented by app.UseAuthentication();. Check this doc ASP.NET Core 2.2 - JWT Authentication Tutorial with Example API

    – Tao Zhou
    Mar 25 at 1:49













0












0








0








Hi I have setup a Web Api in .Net Core 2.2 for authentication using JWT.



I'm using postman for testing and i am able to send



http://localhost:5000/api/account/login




 "Username" : "fred",
 "Password" : "123"



and the response



eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyaWQiOiIxIiwicm9sZSI6IkFkbWluaXN0cmF0b3IiLCJuYmYiOjE1NTM0NjUxMTgsImV4cCI6MTU1MzQ2NTcxOCwiaWF0IjoxNTUzNDY1MTE4fQ.YF0ztM_p9N2UMUJKYTjJHpkvtJwVymhtOy5H5g2qOSs


My problem is, how do i keep the user authenticated and retrieve the data on the Client?



I have this little App in .Net 4.5



User logs in and username and password are sent to web api and return the token.
How and when am i suppose to send the token back to the APi to validate it?






security authentication asp.net-core jwt asp.net-core-webapi







share|improve this question














Hi I have setup a Web Api in .Net Core 2.2 for authentication using JWT.



I'm using postman for testing and i am able to send



http://localhost:5000/api/account/login




 "Username" : "fred",
 "Password" : "123"



and the response



eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyaWQiOiIxIiwicm9sZSI6IkFkbWluaXN0cmF0b3IiLCJuYmYiOjE1NTM0NjUxMTgsImV4cCI6MTU1MzQ2NTcxOCwiaWF0IjoxNTUzNDY1MTE4fQ.YF0ztM_p9N2UMUJKYTjJHpkvtJwVymhtOy5H5g2qOSs


My problem is, how do i keep the user authenticated and retrieve the data on the Client?



I have this little App in .Net 4.5



User logs in and username and password are sent to web api and return the token.
How and when am i suppose to send the token back to the APi to validate it?






security authentication asp.net-core jwt asp.net-core-webapi




security authentication asp.net-core jwt asp.net-core-webapi






share|improve this question













share|improve this question











share|improve this question




share|improve this question










asked Mar 24 at 22:10









ruipascoalruipascoal

177




177












  • What is your client? Is it angular or MVC? For web api, it is stateless, for accessing security resource, you need to append the token with bearer in your request. For validating the token, this is implemented by app.UseAuthentication();. Check this doc ASP.NET Core 2.2 - JWT Authentication Tutorial with Example API

    – Tao Zhou
    Mar 25 at 1:49

















  • What is your client? Is it angular or MVC? For web api, it is stateless, for accessing security resource, you need to append the token with bearer in your request. For validating the token, this is implemented by app.UseAuthentication();. Check this doc ASP.NET Core 2.2 - JWT Authentication Tutorial with Example API

    – Tao Zhou
    Mar 25 at 1:49
















What is your client? Is it angular or MVC? For web api, it is stateless, for accessing security resource, you need to append the token with bearer in your request. For validating the token, this is implemented by app.UseAuthentication();. Check this doc ASP.NET Core 2.2 - JWT Authentication Tutorial with Example API

– Tao Zhou
Mar 25 at 1:49





What is your client? Is it angular or MVC? For web api, it is stateless, for accessing security resource, you need to append the token with bearer in your request. For validating the token, this is implemented by app.UseAuthentication();. Check this doc ASP.NET Core 2.2 - JWT Authentication Tutorial with Example API

– Tao Zhou
Mar 25 at 1:49












2 Answers
2






active

oldest

votes


















1














When I create a token using JWT for an api and want to test using it in Postman, the Header needs to have the word "Bearer" in front of the token. So for example, you want to retrieve data (Client) so its a Post method with the Header Key: Authorization Value: Bearer (Your Token)cut and paste your token with space behind "Bearer".






share|improve this answer






























    0














    This flow might help you. This is just a pseudo code.



    User logs in from client side. You redirect to home page after saving token in local storage.



    http.post("mysite.me/api/token", userCredentialsDto).subscribe(token => 
     localstorage.save(token);
     redirectTo["/home"];
    );


    The request goes to TokenController.cs:



    [HttpPost]
    public string Post(UserCredentialsDto userCreds)

     _validationService.validate(userCreds);
     return _jwtService.CreateToken(userCreds);



    When you go to home page or whatever page you want, you can get the access token form your local storage attach that token to each requests header before sending it to the server.



    The thing to note here is that, the access token is what authenticates the user so, util your access token expires your user is authenticated. Once the access token expires, you can user the refresh token to refresh your token and continue using you app.



    JWT is base64 encoded. You can easily decode it in client side. Also .Net core automatically binds the JWT claims to HttpContext.User object, after successful authentication.






    share|improve this answer

























      Your Answer






      StackExchange.ifUsing("editor", function ()
      StackExchange.using("externalEditor", function ()
      StackExchange.using("snippets", function ()
      StackExchange.snippets.init();
      );
      );
      , "code-snippets");

      StackExchange.ready(function()
      var channelOptions =
      tags: "".split(" "),
      id: "1"
      ;
      initTagRenderer("".split(" "), "".split(" "), channelOptions);

      StackExchange.using("externalEditor", function()
      // Have to fire editor after snippets, if snippets enabled
      if (StackExchange.settings.snippets.snippetsEnabled)
      StackExchange.using("snippets", function()
      createEditor();
      );

      else
      createEditor();

      );

      function createEditor()
      StackExchange.prepareEditor(
      heartbeatType: 'answer',
      autoActivateHeartbeat: false,
      convertImagesToLinks: true,
      noModals: true,
      showLowRepImageUploadWarning: true,
      reputationToPostImages: 10,
      bindNavPrevention: true,
      postfix: "",
      imageUploader:
      brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
      contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
      allowUrls: true
      ,
      onDemand: true,
      discardSelector: ".discard-answer"
      ,immediatelyShowMarkdownHelp:true
      );



      );













      draft saved

      draft discarded


















      StackExchange.ready(
      function ()
      StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55329079%2fhow-to-get-data-from-jwt-token-and-keep-requesting-it-on-client-net-core%23new-answer', 'question_page');

      );

      Post as a guest















      Required, but never shown

























      2 Answers
      2






      active

      oldest

      votes








      2 Answers
      2






      active

      oldest

      votes









      active

      oldest

      votes






      active

      oldest

      votes









      1














      When I create a token using JWT for an api and want to test using it in Postman, the Header needs to have the word "Bearer" in front of the token. So for example, you want to retrieve data (Client) so its a Post method with the Header Key: Authorization Value: Bearer (Your Token)cut and paste your token with space behind "Bearer".






      share|improve this answer



























        1














        When I create a token using JWT for an api and want to test using it in Postman, the Header needs to have the word "Bearer" in front of the token. So for example, you want to retrieve data (Client) so its a Post method with the Header Key: Authorization Value: Bearer (Your Token)cut and paste your token with space behind "Bearer".






        share|improve this answer

























          1












          1








          1







          When I create a token using JWT for an api and want to test using it in Postman, the Header needs to have the word "Bearer" in front of the token. So for example, you want to retrieve data (Client) so its a Post method with the Header Key: Authorization Value: Bearer (Your Token)cut and paste your token with space behind "Bearer".






          share|improve this answer













          When I create a token using JWT for an api and want to test using it in Postman, the Header needs to have the word "Bearer" in front of the token. So for example, you want to retrieve data (Client) so its a Post method with the Header Key: Authorization Value: Bearer (Your Token)cut and paste your token with space behind "Bearer".







          share|improve this answer












          share|improve this answer



          share|improve this answer










          answered Mar 25 at 0:19









          t double ut double u

          111




          111























              0














              This flow might help you. This is just a pseudo code.



              User logs in from client side. You redirect to home page after saving token in local storage.



              http.post("mysite.me/api/token", userCredentialsDto).subscribe(token => 
               localstorage.save(token);
               redirectTo["/home"];
              );


              The request goes to TokenController.cs:



              [HttpPost]
              public string Post(UserCredentialsDto userCreds)

               _validationService.validate(userCreds);
               return _jwtService.CreateToken(userCreds);



              When you go to home page or whatever page you want, you can get the access token form your local storage attach that token to each requests header before sending it to the server.



              The thing to note here is that, the access token is what authenticates the user so, util your access token expires your user is authenticated. Once the access token expires, you can user the refresh token to refresh your token and continue using you app.



              JWT is base64 encoded. You can easily decode it in client side. Also .Net core automatically binds the JWT claims to HttpContext.User object, after successful authentication.






              share|improve this answer





























                0














                This flow might help you. This is just a pseudo code.



                User logs in from client side. You redirect to home page after saving token in local storage.



                http.post("mysite.me/api/token", userCredentialsDto).subscribe(token => 
                 localstorage.save(token);
                 redirectTo["/home"];
                );


                The request goes to TokenController.cs:



                [HttpPost]
                public string Post(UserCredentialsDto userCreds)

                 _validationService.validate(userCreds);
                 return _jwtService.CreateToken(userCreds);



                When you go to home page or whatever page you want, you can get the access token form your local storage attach that token to each requests header before sending it to the server.



                The thing to note here is that, the access token is what authenticates the user so, util your access token expires your user is authenticated. Once the access token expires, you can user the refresh token to refresh your token and continue using you app.



                JWT is base64 encoded. You can easily decode it in client side. Also .Net core automatically binds the JWT claims to HttpContext.User object, after successful authentication.






                share|improve this answer



























                  0












                  0








                  0







                  This flow might help you. This is just a pseudo code.



                  User logs in from client side. You redirect to home page after saving token in local storage.



                  http.post("mysite.me/api/token", userCredentialsDto).subscribe(token => 
                   localstorage.save(token);
                   redirectTo["/home"];
                  );


                  The request goes to TokenController.cs:



                  [HttpPost]
                  public string Post(UserCredentialsDto userCreds)

                   _validationService.validate(userCreds);
                   return _jwtService.CreateToken(userCreds);



                  When you go to home page or whatever page you want, you can get the access token form your local storage attach that token to each requests header before sending it to the server.



                  The thing to note here is that, the access token is what authenticates the user so, util your access token expires your user is authenticated. Once the access token expires, you can user the refresh token to refresh your token and continue using you app.



                  JWT is base64 encoded. You can easily decode it in client side. Also .Net core automatically binds the JWT claims to HttpContext.User object, after successful authentication.






                  share|improve this answer















                  This flow might help you. This is just a pseudo code.



                  User logs in from client side. You redirect to home page after saving token in local storage.



                  http.post("mysite.me/api/token", userCredentialsDto).subscribe(token => 
                   localstorage.save(token);
                   redirectTo["/home"];
                  );


                  The request goes to TokenController.cs:



                  [HttpPost]
                  public string Post(UserCredentialsDto userCreds)

                   _validationService.validate(userCreds);
                   return _jwtService.CreateToken(userCreds);



                  When you go to home page or whatever page you want, you can get the access token form your local storage attach that token to each requests header before sending it to the server.



                  The thing to note here is that, the access token is what authenticates the user so, util your access token expires your user is authenticated. Once the access token expires, you can user the refresh token to refresh your token and continue using you app.



                  JWT is base64 encoded. You can easily decode it in client side. Also .Net core automatically binds the JWT claims to HttpContext.User object, after successful authentication.







                  share|improve this answer














                  share|improve this answer



                  share|improve this answer








                  edited Mar 25 at 7:59

























                  answered Mar 25 at 7:48









                  ShahbaazShahbaaz

                  13516




                  13516



























                      draft saved

                      draft discarded
















































                      Thanks for contributing an answer to Stack Overflow!


                      • Please be sure to answer the question. Provide details and share your research!

                      But avoid


                      • Asking for help, clarification, or responding to other answers.

                      • Making statements based on opinion; back them up with references or personal experience.

                      To learn more, see our tips on writing great answers.




                      draft saved


                      draft discarded














                      StackExchange.ready(
                      function ()
                      StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55329079%2fhow-to-get-data-from-jwt-token-and-keep-requesting-it-on-client-net-core%23new-answer', 'question_page');

                      );

                      Post as a guest















                      Required, but never shown





















































                      Required, but never shown














                      Required, but never shown












                      Required, but never shown







                      Required, but never shown

































                      Required, but never shown














                      Required, but never shown












                      Required, but never shown







                      Required, but never shown







                      -

                      Popular posts from this blog

                      Kamusi Yaliyomo Aina za kamusi | Muundo wa kamusi | Faida za kamusi | Dhima ya picha katika kamusi | Marejeo | Tazama pia | Viungo vya nje | UrambazajiKuhusu kamusiGo-SwahiliWiki-KamusiKamusi ya Kiswahili na Kiingerezakuihariri na kuongeza habari

                      Image
                      Pages using ISBN magic linksMbegu za lughaKamusiIsimu nenoKiarabukitabulughaKiswahilialfabetimaanaufafanuzimanenomuhtasarisarufividahizoalfabeti Kamusi Kutoka Wikipedia, kamusi elezo huru Jump to navigation Jump to search Kamusi za Kiswahili Kamusi ya Kiswahili-Kiswahili (kamusi wahidiya) Kamusi ya Kiswahili - Kiingereza (kamusi thania) Kamusi (kutoka neno la Kiarabu قاموس qamus ) ni kitabu ambacho kinaorodhesha maneno ya lugha yaliyokusanywa kutoka kwa watumiaji wa lugha fulani, kwa mfano lugha ya Kiswahili. Maneno hupangwa kwa mtindo wa alfabeti, hutoa maana, asili na ufafanuzi wa utumizi wa maneno na jinsi yanavyotumika au yanavyotamkwa. [1] Yaliyomo 1 Aina za kamusi 2 Muundo wa kamusi 2.1 1. Utangulizi wa kamusi 2.2 2. Matini ya kamusi 2.3 3. Sherehe ya kamusi 3 Faida za kamusi 4 Dhima ya picha katika kamusi 5 Marejeo 6 Tazama pia 7 Viungo vya nje Aina za kamusi | Kuna aina mbalimbali za kamusi ambazo n...
                      Read more

                      SQL error code 1064 with creating Laravel foreign keysForeign key constraints: When to use ON UPDATE and ON DELETEDropping column with foreign key Laravel error: General error: 1025 Error on renameLaravel SQL Can't create tableLaravel Migration foreign key errorLaravel php artisan migrate:refresh giving a syntax errorSQLSTATE[42S01]: Base table or view already exists or Base table or view already exists: 1050 Tableerror in migrating laravel file to xampp serverSyntax error or access violation: 1064:syntax to use near 'unsigned not null, modelName varchar(191) not null, title varchar(191) not nLaravel cannot create new table field in mysqlLaravel 5.7:Last migration creates table but is not registered in the migration table

                      Image
                      Does a multiclassed wizard start with a spellbook? Minimizing medical costs with HSA Boss has banned cycling to work because he thinks it's unsafe Is there a typical layout to blocking installed for backing in new construction framing? In the Seventh Seal why does Death let the chess game happen? Why has Novell never written its own boot loader? Should I warn my boss I might take sick leave Why is the saxophone not common in classical repertoire? Is it possible to spoof an IP address to an exact number? Motorcyle Chain needs to be cleaned every time you lube it? Bypass with wrong cvv of debit card and getting OTP Do we have a much compact and generalized version of erase–remove idiom? how can i make this execution plan more efficient? Why did moving the mouse cursor cause Windows 95 to run more quickly? What's the big deal about the Nazgûl losing their horses? Has chattel slavery ever been used as a criminal punishment in the USA since the passag...
                      Read more

                      은진 송씨 목차 역사 본관 분파 인물 조선 왕실과의 인척 관계 집성촌 항렬자 인구 같이 보기 각주 둘러보기 메뉴은진 송씨세종실록 149권, 지리지 충청도 공주목 은진현

                      Image
                      송씨은진 송씨충청남도 소재 성씨논산시 충청남도논산시은진면한국의 성씨고려송명의회덕 황씨류준고흥 류씨송유조선송준길문묘송시열좌의정문묘종묘송준길송규렴송상기송시열송인수송환기송치규송근수충청남도논산시은진면백제757년충청남도은진군논산군논산시은진면송유 은...
                      Read more