Create token authentication in ASP.NET Core

How to create token in ASP.NET Core

In this post I will demonstrate how to create a authentication token in an ASP.NET Core Web Api application.

Example

At first I add some claims to token e.g NameIdentifier, and DateOfBirth.

Now I need to create secret key for token. Let’s add it in appsettings.json. It’s looks like below:

Then create a key symmetric security key with our secret value from appsettings and generate credentials, using some sort of hashing algorithm (in this case HmacSha512).

It remains to create a token from the above-created properities.

In this way, create actions in the controller that will create a token and return it to us.

Voilà!

After calling Authorize method in postman, we get a token.

token

We can verify its correctness on the jwt.io website.

decode token

We see that everything is ok with our token.

ASP.NET Core Authorization

Let’s now use our generated token to secure our application. To configure the application to use the token jwt we need to add some behavior in start up.

Put the authorizate attribute on our value controller to test the authorization action.

After calling the action above without providing the token, we get the 401 code of unauthorized.

error authorization

When we pass our token in the header, the application returns us the correct information.

correct authorization

Link to whole code – github.

Leave a Reply

Your email address will not be published. Required fields are marked *