I'm not able to access protected method with Authorized with a token generated by Asp.net Core. The configuration : services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme) .AddJwtBea...

I have a .NET MVC and WEB API project. I want to call the WEB API controllers from javascript but I didn't find a way to send the token to my views. I want to add the bearer token in Viewbag variab...

I'm trying to implement Two Factor Authentication (2FA) in a Web API 2 solution using OAuth 2 and Bearer Token with the help of OWIN. I know 2FA with Bearer Token is not a standard workflow but has...

In my Web Api 2.2 OWIN based application I have a situation where I manually need to decode the bearer token but I don't know how to do this. This is my startup.cs public class Startup { public ...

I'm using MSAL to get an ID Token which is then used to access an Web API app. I've got a couple of questions and I was wondering if someone could help me understand what's going on. Let me start ...

I want to do token based mechanism where I would be having either SPA or mobile apps supporting multiple clients. Use case of my web service engine and my application: My web application: Client ...

I am looking for some guidance with configuring owin middleware bearer token authentication to support Open Id Connect key rotation. The Opend Id Connect spec says the following about key rotatio...

In my web Angular project I've created an AuthenticationGuard and an AuthenticationService to handle the security. These files comes from another branch of my project who works perfectly. Here is...

In an application I'm building, we're using JWT tokens as OAuth Bearer token. Say we have a resource collection called things, addressable by thing ID, eg. things/1, things/44, etc. Currently, wh...

I have two main projects in my Web application: WebApi project as back-end to serve authentication and authorization for the Web project,using OWIN 2 with bearer tokens. Web project uses Angularj...

I thought I had a pretty simple goal in mind when I set out a day ago to implement a self-contained bearer auth webapi on .NET core 2.0, but I have yet to get anything remotely working. Here's a li...

We have a staging server set up that uses HTTP Basic authentication for access which is independent of the user functionality on the site. Once the stage is accessed, I log in with some credentials...

I am developing a Web API 2 project. For authentication I am using bearer token. On successful authentication the API returns a JSON object. {"access_token":"Vn2kwVz...", "token_type":"bearer", ...

I am using the OWIN OAuthAuthorizationServer library in an OWIN ASP.NET C# web API to generate and process bearer tokens. Right now, I have a single endpoint (which you set in the OAuthAuthorizati...

I have Web API developed using ASP.NET Core and I need to be able to use both Basic and Bearer authentication schemes for the same service. For some reason it does not work: it always considers the...

I have a minimal setup of an auth-provider, which sets claims-identity public class SimpleAuthorizationProvider : OAuthAuthorizationServerProvider { public override async Task ValidateClientAuthe...

My application has an API part and a website-part. On the website, the user can log in and gets a JWT bearer token from the API. My question now is: Where should I store that token? Some say...

I have a Web API with tons of methods that all require a bearer token to be present in order to be used. These methods all extract information from the bearer token. I want to test whether the API...

My application is an ASP.NET Core 1.0 Web API. How do I test a controller which is decorated with the Authorize attribute? For example, with this controller and test method: [TestMethod] public voi...

A request using the Authorization: bearer [token] can be used for authentication? or Should we use another method to authenticate a client and issue a token then use the token as a bearer token lik...

I have implemented security for my web api (individual accounts) as discussed here. I have hosted the website on godaddy (shared hosting) and its working fine. When I ask for token by using url "...

I'm building a client that basically needs to send and retrieve files as InputStream (it has to be) from an endpoint that requires authentication. I'm using Apache HttpClient with a Bearer AuthSch...

Why Authorization header is mostly used to send a bearer token to server? Why don't we send our authorization token as URL parameter or post it as json payload with the request body?

I am attempting to implement OWIN bearer token authorization, and based on this article. However, there's one additional piece of information I need in bearer token that I don't know how to impleme...

I have an MVC 5 web application and can login with a Login.cshtml page and get a cookie and the login works fine. But, I would like to do a login with the Web API and then (maybe) set a cookie so t...