Home > Enterprise >  .Net Core microservice and inspecting Cognito JWT claims for use in authorization
.Net Core microservice and inspecting Cognito JWT claims for use in authorization

Time:04-02

I am developing a .net service that I am passing a Cognito generated JWT in the client that has a group claim that I hope to use to restrict API access as the JWT is passed in as a Bearer token with each API call from the front-end. e.g.

"cognito:groups":["Guest"]

In my code now I have added:

    services.AddAuthentication(DefaultScheme = JwtBearerDefaults.AuthenticationScheme)
  .AddJwtBearer(options =>
        {
        options.TokenValidationParameters = new TokenValidationParameters
        {
            ValidateAudience = false,
            RoleClaimType = "cognito:groups"
        };
    });

I have setup up my roles and my permissions using the enter image description here

Page link:https//www.codepudding.com/Enterprise/357211.html

Prev:Which class would inherit a Controller in a project ASP.NET Core Web API?
Next:Can HttpResponseMessage.Content be null?
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding