Login API with JWT token in Asp.Net Core Clean Architecture - Part 10
In this video, we will learn How to Secure ASP.NET Core API with JWT Authentication. JWT is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. It's commonly used for representing claims between two parties in a compact and verifiable manner. In a .NET Core Web API, JWT authentication typically follows these steps: User Authentication: Users authenticate themselves to the application, usually by providing their credentials (e.g., username and password) through a login endpoint. Token Generation: After successful authentication, the server generates a JWT for the authenticated user. This token typically contains information such as the user's identity (subject), expiration time, and any other relevant claims. Token Issuance: The server sends the generated JWT back to the client (usually as part of the response body or in an HTTP header). Subsequent Requests: The client includes the JWT in the headers of subsequent requests to the API. This allows the server to verify the user's identity and authorize the requested actions based on the information contained within the JWT. Token Validation: Upon receiving a request with a JWT, the server validates the token's authenticity and integrity. This involves verifying the digital signature (if applicable) and checking that the token has not expired. User Authorization: Once the token is validated, the server extracts the claims from the JWT to determine the user's identity and the permissions associated with their role(s). It then authorizes the user to perform the requested actions based on these claims. Table of contents: 0:00 - what is jwt in .net core 04:55 - how to create login api with jwt 17:40 - how to generate jwt token 40:00 - how to validate token 47:00 - configure swagger authorization #cleanarchitecture #dotnetcore Source Code: https://github.com/huzaifa21718/CleanArchitecture_DotNet6
In this video, we will learn How to Secure ASP.NET Core API with JWT Authentication. JWT is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. It's commonly used for representing claims between two parties in a compact and verifiable manner. In a .NET Core Web API, JWT authentication typically follows these steps: User Authentication: Users authenticate themselves to the application, usually by providing their credentials (e.g., username and password) through a login endpoint. Token Generation: After successful authentication, the server generates a JWT for the authenticated user. This token typically contains information such as the user's identity (subject), expiration time, and any other relevant claims. Token Issuance: The server sends the generated JWT back to the client (usually as part of the response body or in an HTTP header). Subsequent Requests: The client includes the JWT in the headers of subsequent requests to the API. This allows the server to verify the user's identity and authorize the requested actions based on the information contained within the JWT. Token Validation: Upon receiving a request with a JWT, the server validates the token's authenticity and integrity. This involves verifying the digital signature (if applicable) and checking that the token has not expired. User Authorization: Once the token is validated, the server extracts the claims from the JWT to determine the user's identity and the permissions associated with their role(s). It then authorizes the user to perform the requested actions based on these claims. Table of contents: 0:00 - what is jwt in .net core 04:55 - how to create login api with jwt 17:40 - how to generate jwt token 40:00 - how to validate token 47:00 - configure swagger authorization #cleanarchitecture #dotnetcore Source Code: https://github.com/huzaifa21718/CleanArchitecture_DotNet6