I have a webapi in c# and a frontend angular application. The angular application is making calls to active directory services such as azure ad, to get the access token. While on subsequent webapi calls the web api application needs to validate the access token.

My webapi was using Microsoft.Owin.Security jwt token validation up until now. I want to replace Microsoft.Owin.Security with IdentityModel.OidcClient ( since this is certified c# openid connect library). Please help me out on how to use the OidcClient framework to validate the token.

1

There are 1 answers

5
Tore Nestenius On BEST ANSWER

To validate tokens you should not use IdentityModel.OidcClient, instead you should use the Microsoft.AspNetCore.Authentication.JwtBearer Nuget Package to properly validate JWT tokens in an API.