Menu
I have the following code and when I call the api endpoint I get error Bearer was not authenticated. Failure message: IDX10500: Signature validation failed. No security keys were provided to validate the signature.
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddJwtBearer(cfg =>
{
cfg.RequireHttpsMetadata = false;
cfg.TokenValidationParameters = new TokenValidationParameters
{
ValidateAudience = false,
ValidateIssuer = false,
ValidateIssuerSigningKey = false
};
});
Why is this happening if I am setting the ValidateIssuerSigningKey=false ?
502
Please refer to thread : https://github.com/aspnet/Security/issues/1741
you can set the delegate TokenValidationParameters.SignatureValidator to just return a JwtSecurityToken.
Currently you can't only set ValidateIssuerSigningKey to false to skip the signature validation .As a workaround , you can set the delegate TokenValidationParameters.SignatureValidator to just return a JwtSecurityToken :
ValidateIssuerSigningKey = false,
SignatureValidator = delegate (string token, TokenValidationParameters parameters)
{
var jwt = new JwtSecurityToken(token);
return jwt;
},
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
