Securing ASP.NET Core APIs with JWT - Authentication and Authorization

Understand the core concepts of OAuth, OpenID and JWT - Learn how to secure APIs written in ASP.NET Core using JWT tokens and enforce an Authenticated and Authorized access.

share via »

Authentication vs Authorization - OAuth OpenID and JWT Explained

When we talk about authentication and authorization, we talk about the most widely used authentication and access management protocols these days; the OAuth and OpenId and the medium for these protocols - JWT.

Getting started with Securing APIs using JWT Bearer Authentication - Hands on

Let's dig into securing our APIs by means of Authenticating incoming requests based on an access token. Let's also look at how we can write our own token generation provider using the asp.net core library.

Implementing Policy based Authorization in ASP.NET Core (.NET 5)

We shall look at a policy-based approach in which all the authenticated users need to further comply to a defined policy in order to access the Web API using ASP.NET Core (.NET 5)

Implementing Role based and Claims based Authorization in ASP.NET Core (.NET 5)

Learn about how we can authorize an API access based on an user role defined by the system and authorize a user based on a claim based on the JWT token passed within the request.

Scenario - Bypassing jwt token validation in an Authentication Middleware

Let's look at a hypothetical scenario, wherein we would want the authentication middleware to completely be bypassed, but yet the user context for the request be setup for us to use at a later point in the request pipeline.

Scenario: Validating JWT Token for Varying Validation Params in ASP.NET Core

Consider an example where in we are required to authenticate an incoming JWT token based on a varying set of token validation parameters passed onto the authentication handler via a service.