This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(249.60000000000002, 27%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESB%3C/text%3E%3C/svg%3E)
I am trying to validate my access token generated by my app registered on B2C, but getting an "Invalid signature" error when try to validate the token using a custom library.
I followed the instructions given in the answer session of the following thread
I could validate the token signature successfully when validating using a console application. When I add the same code and parameters into the custom library, the token signature is
not getting validated. What could be the issue?
My source code is in the following repository
https://github.com/suresh-babu-s/Auth.API.git
I use the following code to validate the signature.
//source code - start
private bool ValidateCurrentToken(string token, string modulus, string exponent, string issuer, string audience)
{
bool isSuccess = false;
try
{
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
rsa.ImportParameters(
new RSAParameters()
{
Modulus = FromBase64Url(modulus),
Exponent = FromBase64Url(exponent)
});
var validationParameters = new TokenValidationParameters
{
RequireExpirationTime = true,
RequireSignedTokens = true,
ValidateAudience = true,
ValidateIssuer = true,
ValidateLifetime = true,
ValidIssuer = issuer,
ValidAudience = audience,
IssuerSigningKey = new RsaSecurityKey(rsa)
};
SecurityToken validatedSecurityToken = null;
var handler = new JwtSecurityTokenHandler();
var claimPrincipal = handler.ValidateToken(token, validationParameters, out validatedSecurityToken);
//JwtSecurityToken validatedJwt = validatedSecurityToken as JwtSecurityToken;
isSuccess = claimPrincipal.Identity.IsAuthenticated;
}
catch (Exception ex)
{
//log exception
isSuccess = false;
}
return isSuccess;
}
//source code - end
Hello @Suresh Babu , please ensure modulus and exponent values are obtained from the OpenID Connect metadata endpoint. Also, I noticed you're using an outdated version of System.IdentityModel.Tokens.Jwt. Update to the latest and ensure Microsoft.IdentityModel.* packages are added to the lib project.
Let us know if this answer was helpful to you or if you need additional assistance. If it was helpful, please remember to accept it so that others in the community with similar questions can more easily find a solution.
Hi @Alfredo Revilla - Upwork Top Talent | IAM SWE SWA , Thank you for the reply.
I have obtained "moduls" and "exponent" from the OpenID connect meta points as mentioned in your link.
Even though I use an outdated version of System.IdentityModel.Tokens.Jwt, how does it get validated in the standalone console application? I have used Microsoft .net framework 4.8 for creating the custom
library for validating the JWT token.
As per your instructions, I will include the latest version of System.IdentityModel.Tokens.Jwt, and Microsoft.IdentityModel.* packages and test
Hello @Suresh Babu , great! Please let us know how it goes. Btw, the console validation is using newer packages than the API lib.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(195.2, 40%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESB%3C/text%3E%3C/svg%3E)
Hi @Alfredo Revilla - Upwork Top Talent | IAM SWE SWA , Sorry for the late reply. Your solution worked!!! Thank you very much