API authentication not working

I have followed all the instructions I have found and I can’t get authentication of a .NET Core API to work.

I started a new project from scratch and added the code to it as described in the API Quickstart page. The project is here: https://github.com/rkeith/loginattempt

I tried debugging it on localhost but keep getting errors about the audience. I published it to a free Azure web app.

I used the Authentication API Debugger to get a bearer token. I put the bearer token into Postman and get a 401 error.

I know I am missing something.

The API Quickstart page says this
" 3. Define Permissions and manage Authorization Policies
On the Permissions tab, you can define what scopes this API may accept. On the Settings tab, you can enable or disable Authorization Policy Enforcement for your API. If enabled, only Roles and Permissions assigned to your user will be included in the token.
That’s it!"

That is not it. For a start there is no documentation I can find on what to do with the Permissions tab.

I would really appreciate some help here.

Thanks in advance,

Rob