Share via

Which authentication options can automatically be looked up from appsettings.json?

jc199 20 Reputation points
2024-08-08T15:53:14.43+00:00

In this article regarding configuring authentication strategies for minimal apis, it states that we can define certain options regarding our authentication server in the appsettings.json file, and have them automatically looked up when adding the corresponding scheme in our program.cs file. I have tested this on my end and confirmed that it works with the options named "ValidAudiences" and "ValidIssuer".

However, when trying to define other authentication options in the appsettings.json file (such as "RoleClaimType") I notice that they are not being automatically looked up like the other options. Is there any way to have "RoleClaimType" looked up automatically like the other options? Also, what are all of the options that can be configured such that they can be automatically looked up from the appsettings config file automatically?

ASP.NET Core
ASP.NET Core
A set of technologies in the .NET Framework for building web applications and XML web services.
4,545 questions
ASP.NET
ASP.NET
A set of technologies in the .NET Framework for building web applications and XML web services.
3,475 questions
ASP.NET API
ASP.NET API
ASP.NET: A set of technologies in the .NET Framework for building web applications and XML web services.API: A software intermediary that allows two applications to interact with each other.
333 questions
0 comments
Accepted answer
  1. Ping Ni-MSFT 4,335 Reputation points Microsoft Vendor
    2024-08-09T09:06:29.75+00:00

    Hi jc199,

    RoleClaimType might not be automatically looked up because they may not be part of the predefined options that are supported for direct binding by the built-in configuration system.

    You can manually bind custom options from appsettings.json to the relevant options classes in your Program.cs file:

    builder.Services.AddAuthentication("Bearer")
    .AddJwtBearer(options =>
    {
        var jwtSection = builder.Configuration.GetSection("Authentication:JwtBearer");
        options.TokenValidationParameters.ValidIssuer = jwtSection["ValidIssuer"];
        options.TokenValidationParameters.ValidAudiences = jwtSection.GetSection("ValidAudiences").Get<string[]>();
        options.TokenValidationParameters.RoleClaimType = jwtSection["RoleClaimType"];
    });

    The json string should be like below:

    {
  "Authentication": {
    "Bearer": {
      "ValidAudiences": [
        "https://localhost:7259",
        "http://localhost:5259"
      ],
      "ValidIssuer": "dotnet-user-jwts",
      "RoleClaimType": "role"
    }
    
  }
}

    If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    Best regards,
    Rena

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.