I verified a token is created to angular 6 front end from core 2.1. When I test the token in the jwt.io it states invalid signature. The token only has two parts instead of three
I am learning from a lynda.com course. I asked this question on stackoverflow and one person commented that he used my code and he did not have an issue. I noticed on stackoverflow questions and replies about angular/net are voted down quite a bit. I had to even get a new stackoverflow account because I lost so m any points on my first two questions on angular.
Hi Denise. Sorry, but unfortunately I’m not really clear on what you are trying to accomplish here. I couldn’t find any reference to Auth0 in the GH repo. The token you shared in the first question definitely doesn’t come from Auth0. Its payload is empty, and it doesn’t contain the crypto signature.
If you are trying to use the JwtBearerAuthentication middleware in a .Net Core app (which looks for a JWT token as a mean of authorizing each request to the API), then you need to have a valid token issuer (like Auth0).
The basic flow would be like this:
The client application (your Angular app) requests a token from an authorization server (like Auth0).
The authorization server authenticates the user, ask for consent if required and returns a signed token to the client application
The client application makes a request to the backend API, putting the token in the Authorization header.
The backend API (with the JwtBearerAuthentication middleware) validates the token (issuer, expiration, audience, signature) and, if valid, authorizes the request.