xarielah
Reputation: 553
Challanging access by extracting JWT authorization from Cookie
I am using a Google authentication to generate JWT tokens (access token and refresh token), and send it to the client as HttpOnly cookies.
On my API currently a JwtBearer is set up, which expecting a Bearer authorization header.
I would like it to also seek that bearer token as access token cookie, could it be combined? or just set up for seeking JWT Bearer token in access token cookie?
Upvotes: 1
Views: 27
Answers (1)
xarielah
Reputation: 553
A Middleware.
I've used a Middleware to extract the access_token HttpSecure cookie and add it the Authorization header incase it is empty or missing
Upvotes: 0
Related Questions
- How to properly use Bearer tokens?
- Bearer Token authentication and JWT
- How to update user claims stored in authentication cookie in .NET Core 6
- Is it possible to configure Keycloak to store the access-token/JWT as a Bearer Token instead of as a Cookie?
- Adding Authorization Header (Authorization: Bearer {access_token}) to specific route in Ocelot API Gateway
- Using bearer tokens and cookie authentication together
- Trying to inject Authorization header using OWIN before authorization happens in ASP.net Web API
- Authentication-Info header for Bearer (JWT) Auth Scheme