Refresh Tokens in Asp.Net Core 2 Api

So you are now Authenticating your user and providing Authorization via the Jwt (Auth) token.  Now you don’t want your Auth tokens to live for really long periods of time, and you certainly don’t want your users having to re-login to your app every 30 minutes.  But for safety, how do we get around this? Refresh Tokens A refresh token…

Read more »

Capture Tenant in Asp.Net Core 2.0 Web Api

Let’s now capture the Tenant in our code.  Here I will be using the domain name of the web site the app runs on to determine who the Tenant is.  Normally you would capture domains names like “customerA.apothecaric.com” and “customerB.apothecaric.com” and you then determine which Tenant the user belongs to. Set Up Data For Development In our immediate case we…

Read more »

Authenticate and Authorize With Jwt Tokens In Asp.Net Core 2 Web Api

Finally! Let’s see how we “login” our user and make requests with Jwt tokens and have other endpoints protected from access without a valid token. Start With The Configuration File To set things up, lets add a few entries into our appsettings.json file.  Let’s add some Token settings to the file.

For our Tokens config, we want to set…

Read more »