6:[["$","$Le",null,{}],["$","div",null,{"className":"min-h-screen bg-gray-100 p-6","children":[["$","$Lf",null,{}],["$","script",null,{"type":"application/ld+json","dangerouslySetInnerHTML":{"__html":"{\"@context\":\"https://schema.org\",\"@type\":\"QAPage\",\"mainEntity\":{\"@type\":\"Question\",\"name\":\"Where should I store the access token from OAuth2 in a MVC application?\",\"text\":\"

I have OAuth2 Authorization Layer and Service layer as part of my MVC application. The Access Token obtained from OAuth2 should be accessible to Service layer as medium to communicate to APIs. I was considering storing them to Session at class level, so, is this the right method or can I store them to some custom storage ?

\\n\",\"author\":{\"@type\":\"Person\",\"name\":\"nraina\"},\"upvoteCount\":1,\"answerCount\":1,\"acceptedAnswer\":null}}"}}],["$","div",null,{"className":"bg-white shadow-md rounded-lg p-6 mb-6 relative","children":[["$","div",null,{"className":"absolute top-4 right-4 flex flex-wrap space-x-2","children":[["$","span","c#",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/c#/1","children":"c#"}]}],["$","span","asp.net-mvc",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/asp.net-mvc/1","children":"asp.net-mvc"}]}],["$","span","oauth-2.0",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/oauth-2.0/1","children":"oauth-2.0"}]}]]}],["$","div",null,{"className":"flex items-center mb-4","children":[["$","img",null,{"src":"https://i.sstatic.net/NZb9P.jpg?s=256","alt":"nraina","className":"w-16 h-16 rounded-full border"}],["$","div",null,{"className":"ml-4","children":[["$","a",null,{"href":"https://stackoverflow.com/users/3794205/nraina","target":"_blank","rel":"noopener noreferrer","className":"text-lg font-semibold text-blue-600 hover:underline","children":"nraina"}],["$","p",null,{"className":"text-sm text-gray-500","children":["Reputation: ",354]}]]}]]}],["$","h1",null,{"className":"text-2xl font-bold text-gray-800 mb-4","children":"Where should I store the access token from OAuth2 in a MVC application?"}],["$","p",null,{"className":"text-gray-700 mt-4","dangerouslySetInnerHTML":{"__html":"

\n"}}],["$","div",null,{"className":"text-gray-600 text-sm mt-4","children":[["$","p",null,{"children":["Upvotes: ",1]}],["$","p",null,{"children":["Views: ",1493]}]]}]]}],["$","div",null,{"className":"container mx-auto","children":[["$","h2",null,{"className":"text-2xl font-semibold text-gray-800 mb-6","children":["Answers (",1,")"]}],[["$","div","27897186",{"className":"bg-white shadow-md rounded-lg p-6 mb-6","children":[["$","div",null,{"className":"flex items-center mb-4","children":[["$","img",null,{"src":"https://i.sstatic.net/IzUyQ.jpg?s=256","alt":"Eric Bole-Feysot","className":"w-12 h-12 rounded-full border"}],["$","div",null,{"className":"ml-4","children":[["$","a",null,{"href":"https://stackoverflow.com/users/616274/eric-bole-feysot","target":"_blank","rel":"noopener noreferrer","className":"text-lg font-semibold text-blue-600 hover:underline","children":"Eric Bole-Feysot"}],["$","p",null,{"className":"text-sm text-gray-500","children":["Reputation: ",15167]}]]}]]}],["$","p",null,{"className":"text-gray-700 mb-4","dangerouslySetInnerHTML":{"__html":"

You can add it as a claim.

\n\n

manager.AddClaim(userId, new Claim(\"AccessToken\", AccessToken));\n

\n"}}],["$","div",null,{"className":"text-gray-600 text-sm","children":["$","p",null,{"children":["Upvotes: ",2]}]}]]}]]]}],["$","div",null,{"className":"bg-white shadow-md rounded-lg p-6 mt-6","children":[["$","h2",null,{"className":"text-2xl font-semibold text-gray-800 mb-4","children":"Related Questions"}],["$","ul",null,{"className":"list-disc list-inside","children":[["$","li","65801994",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/65801994","className":"text-blue-600 hover:underline","children":"OIDC Access Token - Where to store?"}]}],["$","li","56542579",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/56542579","className":"text-blue-600 hover:underline","children":"Where and how to store the access token and refresh token"}]}],["$","li","50846780",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/50846780","className":"text-blue-600 hover:underline","children":"Where should i store expiring REST API authentication token?"}]}],["$","li","39465983",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/39465983","className":"text-blue-600 hover:underline","children":"Where to store Bearer Token in MVC from Web API"}]}],["$","li","44259216",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/44259216","className":"text-blue-600 hover:underline","children":"Where should one store the authentication token in ASP.Net Core"}]}],["$","li","34888661",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/34888661","className":"text-blue-600 hover:underline","children":"Azure Active Directory - MVC application best practices to store the access token"}]}],["$","li","30574007",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/30574007","className":"text-blue-600 hover:underline","children":"Where to store access tokens?"}]}],["$","li","15049175",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/15049175","className":"text-blue-600 hover:underline","children":"asp.net MVC/WEB API - How to store authorization token"}]}],["$","li","12856784",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/12856784","className":"text-blue-600 hover:underline","children":"Secure place to store access token in ASP.NET MVC4"}]}],["$","li","7385697",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/7385697","className":"text-blue-600 hover:underline","children":"Responsibility to store tokens in OAuth 2.0"}]}]]}]]}]]}],["$","$L11",null,{}],["$","$L12",null,{}],["$","$L13",null,{}],["$","$L14",null,{}],["$","$L15",null,{}]]

Where should I store the access token from OAuth2 in a MVC application?

Answers (1)

Related Questions