ASP.NET Core Web API Authentication and Authorization with JWT (Json Web Token)

In this tutorial we’ll setup a JWT (JSON Web Token) in an ASP.NET Core Web API, implementing Authentication and Authorization. We’ll talk about why it is important for your ASP.NET Core Web API to require authentication with JWT. From project setup to testing this entire process with Postman, by the end of this tutorial you will have a good idea of how to setup authentication and authorization in your .NET Core applications with JWT.
Authentication with JWT is one of the most secure and most performant ways to secure data transfers between client and server. We’ll not only set up authentication in our ASP.NET Core Web API but we’ll touch on authorization and how different user security roles can access specific resources.

Source code:

0:00 – Intro
0:11 – Create a new ASP.NET Core Web Application
0:30 – Install Packages
1:55 – Setup appsettings.json
3:10 – Setup Startup.cs
7:30 – Add necessary models
9:32 – Add API Controllers
18:25 – Test Token Generation with Postman
20:54 – Add UserController
20:54 – Setup API to require Authentication
28:50 – Setup API to Authorize requests

Join our bi-monthly email squad:
Check out further resources:
If you enjoyed this tutorial, please like this video consider subscribing for more content like this!
Subscribe to my channel:

Useful Links:
JWT Token Explained:
– Microsoft.AspNetCore.Authentication.JwtBearer (3.1.20)
– Microsoft.IdentityModel.Tokens (6.14.0)
– System.IdentityModel.Tokens.Jwt (6.14.0)
String generator (for secret key):
Types of registered claims:
Introduction on Jwt:
Old but good read:

– Sound effects obtained from
– Icons designed by and
– Images from the artists on