Use JWT (Authorization: Bearer) in Swagger in ASP.NET Core

Question

I'm creating a REST api in ASP.NET Core 1.0. I was using Swagger to test but now I added JWT authorization for some routes. (with UseJwtBearerAuthentication)

Is it possible to modify the header of the Swagger requests so the routes with the [Authorize] attribute can be tested?

Answer 1

I struggled with the same problem and found a working solution in this blogpost: http://blog.sluijsveld.com/28/01/2016/CustomSwaggerUIField

It comes down to adding this in your configurationoptions

services.ConfigureSwaggerGen(options => {    options.OperationFilter<AuthorizationHeaderParameterOperationFilter>(); }); 

and the code for the operationfilter

public class AuthorizationHeaderParameterOperationFilter : IOperationFilter {    public void Apply(Operation operation, OperationFilterContext context)    {       var filterPipeline = context.ApiDescription.ActionDescriptor.FilterDescriptors;       var isAuthorized = filterPipeline.Select(filterInfo => filterInfo.Filter).Any(filter => filter is AuthorizeFilter);       var allowAnonymous = filterPipeline.Select(filterInfo => filterInfo.Filter).Any(filter => filter is IAllowAnonymousFilter);        if (isAuthorized && !allowAnonymous)       {           if (operation.Parameters == null)              operation.Parameters = new List<IParameter>();            operation.Parameters.Add(new NonBodyParameter           {                                  Name = "Authorization",              In = "header",              Description = "access token",              Required = true,              Type = "string"          });       }    } } 

Then you will see an extra Authorization TextBox in your swagger where you can add your token in the format 'Bearer {jwttoken}' and you should be authorized in your swagger requests.