Who is authenticated user

Janusz Dalecki 26 Reputation points
2022-11-17T01:05:42.23+00:00

Documentation says that the controller class function with the annotation [Authorize] is authenticated.
e.g.

[Authorize]  
        [HttpGet("{id:int}")]  
        public ActionResult<AccountResponse> GetById(int id)  

{
}

Does authenticated user mean that the user has logged in and has in the requests a header:
Authorization: Bearer ${JwtToken}

Is that true?

ASP.NET Core
ASP.NET Core
A set of technologies in the .NET Framework for building web applications and XML web services.
4,360 questions
0 comments No comments
{count} vote

Accepted answer
  1. Zhi Lv - MSFT 32,076 Reputation points Microsoft Vendor
    2022-11-17T06:35:55.49+00:00

    Hi @Janusz Dalecki ,

    Does authenticated user mean that the user has logged in and has in the requests a header:
    Authorization: Bearer ${JwtToken}

    Is that true?

    It depends on which kind of authentication you are using.

    If the application was configured to use JWT authentication, in this scenario, as you said, the request needs to add the Authorization header, and the authenticated user mean that the user has logged in and request has the JWT token.

    But if the application was configured to use Cookie authentication, then the user identity information will be stored in the request cookies. In this scenario, it will not use the Authorization header.

    More detail information, you can refer to the following tutorials and check configuration in the Program.cs file:

    JWT Authentication In ASP.NET Core

    JWT Token Authentication And Authorizations In .Net Core 6.0 Web API

    Use cookie authentication without ASP.NET Core Identity

    Introduction to Identity on ASP.NET Core (By default, Asp.net core Identity will use cookie authentication).


    If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    Best regards,
    Dillion

    2 people found this answer helpful.

0 additional answers

Sort by: Most helpful