ASP.NET Core Web API Authentication and Authorization with JWT (Json Web Token)
In this tutorial we’ll setup a JWT (JSON Web Token) in an ASP.NET Core Web API, implementing Authentication and Authorization. We’ll talk about why it is important for your ASP.NET Core Web API to require authentication with JWT. From project setup to testing this entire process with Postman, by the end of this tutorial you will have a good idea of how to setup authentication and authorization in your .NET Core applications with JWT.
Authentication with JWT is one of the most secure and most performant ways to secure data transfers between client and server. We’ll not only set up authentication in our ASP.NET Core Web API but we’ll touch on authorization and how different user security roles can access specific resources.
Source code: https://github.com/iulianoana/jwt-dotnetcore-web
0:00 – Intro
0:11 – Create a new ASP.NET Core Web Application
0:30 – Install Packages
1:55 – Setup appsettings.json
3:10 – Setup Startup.cs
7:30 – Add necessary models
9:32 – Add API Controllers
18:25 – Test Token Generation with Postman
20:54 – Add UserController
20:54 – Setup API to require Authentication
28:50 – Setup API to Authorize requests
Join our bi-monthly email squad: https://signup.codewithjulian.com
Check out further resources: https://codewithjulian.com
If you enjoyed this tutorial, please like this video consider subscribing for more content like this!
Subscribe to my channel: https://www.youtube.com/channel/UCvVIREQiOSNSg1mRlZy_kRw
Useful Links:
JWT Token Explained: https://youtu.be/Pn_rTbvWW4w
Packages:
– Microsoft.AspNetCore.Authentication.JwtBearer (3.1.20)
– Microsoft.IdentityModel.Tokens (6.14.0)
– System.IdentityModel.Tokens.Jwt (6.14.0)
String generator (for secret key): https://www.random.org/strings/
Types of registered claims: https://datatracker.ietf.org/doc/html/rfc7519#section-4.1
Introduction on Jwt: https://jwt.io/introduction
Old but good read: https://devblogs.microsoft.com/aspnet/jwt-validation-and-authorization-in-asp-net-core/
Credits:
– Sound effects obtained from https://www.zapsplat.com
– Icons designed by http://www.freepik.com and https://www.flaticon.com/
– Images from the artists on https://unsplash.com/