Dotnet Core API well-known-jwks.json

I am trying to validate a token on my Dotnet Core API using following the example…

https://auth0.com/docs/quickstart/backend/aspnet-core-webapi/01-authorization

The page says “By default, your API uses RS256 as the algorithm for signing tokens. Since RS256 uses a private/public keypair, it verifies the tokens against the public key for your Auth0 account. The public key is in the JSON Web Key Set (JWKS) format, and can be accessed here.”

However the code provided does nothing to use the well-known-jwks.json end point. Do you have Dotnet Core code example that uses the end point for the public keys to validate the token?

Thank you in advance.

Hi @martin.d.weel

Thanks for contacting us at Auth0 Community.

The section here https://auth0.com/docs/quickstart/backend/aspnet-core-webapi#validate-access-tokens
Is what you need. It doesn’t need to reference the JWKS explicitly, the fact that you have referenced the authority (domain) it will retrieve the key from here. I think it uses the generic endpoint https://YOUR_DOMAIN/.well-known/openid-configuration to access the link to the JWKS but that’s an assumption.

This document will also help you https://developer.okta.com/blog/2018/03/23/token-authentication-aspnetcore-complete-guide

All the best.