Josh Withee
Reputation: 11336
What is the purpose of JwtBearerOptions.SaveToken property in ASP.NET Core 2.0+?
The Microsoft Docs just have this description:
Defines whether the bearer token should be stored in the AuthenticationProperties after a successful authorization.
I wondered if saving the JWT allows you to revoke it somehow, but every place I read about JWTs says they are irrevocable. What would you do with a JWT being stored in the AuthenticationProperties?
Upvotes: 19
Views: 6095
Answers (1)
Kirk Larkin
Reputation: 93003
Storing the JWT in the AuthenticationProperties allows you to retrieve it from elsewhere within your application.
For example, use GetTokenAsync inside of an action, like this:
public async Task<IActionResult> SomeAction()
{
// using Microsoft.AspNetCore.Authentication;
var accessToken = await HttpContext.GetTokenAsync("access_token");
// ...
}
This is useful if, for example, you want to forward the JWT in an outgoing request.
Upvotes: 31
Related Questions
- Why should I define JwtBearerDefaults.AuthenticationScheme for my Authorize attribute always?
- JWT .NET Core implementation clarification required
- What is BearerOption.SaveToken property used for?
- What is the difference between CreateToken and WriteToken
- How Does the "validatedToken" Work in "ValidateToken()" Method?
- What is the use of JwtIssuerOptions in appsetting?
- ASP.NET Core - AddJwtBearer - Authority URL, how does it work?
- ASP.NET Core - JwtBearer 2.0.0
- What's the point of using JWTs with ASPNet.Identity?
- Purpose of options.AutomaticAuthenticate with UseJwtBearerAuthentication