Issuer and Audience in JWT .net core

Question

Hi everyone I'm trying to do JWT in .net core api and I have a question while configuring JWT in file startup.cs Specifically I want to ask "ValidIssuer" and "ValidAudience" to do, what does it mean for JWT? Somebody can help me please, thanks all.

This is my code :

services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme).AddJwtBearer(option =>
            {
                option.TokenValidationParameters = new TokenValidationParameters
                {
                    // what to validate
                    ValidateIssuer = true,
                    ValidateAudience = true,    
                    ValidateIssuerSigningKey = true,
                    // set up validate data 
                    ValidIssuer = "smesk.in", 
                    ValidAudience = "reader", 
                    IssuerSigningKey = symmetricSecurityKey

                };



            });

Answer 1

It is basically used to whom you want to allow your requests. You can refer this document.

https://learn.microsoft.com/en-us/dotnet/api/microsoft.identitymodel.tokens.tokenvalidationparameters.validaudience?view=azure-dotnet

And you can set it like this.

services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
    .AddJwtBearer(options =>
    {
        options.TokenValidationParameters = new TokenValidationParameters
        {

            ValidateIssuer = true,
            ValidateAudience = true,
            ValidIssuer = Configuration["Jwt:Issuer"],
            ValidAudience = Configuration["Jwt:Audience"]

        };
    });

Appsettings.json

  "Jwt": {
    "Issuer": "test.com",
    "Audience": "abc.com"
  }