JwtBearerOptions Class
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Options class provides information needed to control Bearer Authentication middleware behavior
public ref class JwtBearerOptions : Microsoft::AspNetCore::Builder::AuthenticationOptionspublic class JwtBearerOptions : Microsoft.AspNetCore.Builder.AuthenticationOptionstype JwtBearerOptions = class
inherit AuthenticationOptionsPublic Class JwtBearerOptions
Inherits AuthenticationOptions- Inheritance
Constructors
| JwtBearerOptions() |
Creates an instance of bearer authentication options with default values. |
Properties
| Audience |
Gets or sets the audience for any received OpenIdConnect token. |
| AuthenticationScheme |
The AuthenticationScheme in the options corresponds to the logical name for a particular authentication scheme. A different value may be assigned in order to use the same authentication middleware type more than once in a pipeline. (Inherited from AuthenticationOptions) |
| Authority |
Gets or sets the Authority to use when making OpenIdConnect calls. |
| AutomaticAuthenticate |
If true the authentication middleware alter the request user coming in. If false the authentication middleware will only provide identity when explicitly indicated by the AuthenticationScheme. (Inherited from AuthenticationOptions) |
| AutomaticChallenge |
If true the authentication middleware should handle automatic challenge. If false the authentication middleware will only alter responses when explicitly indicated by the AuthenticationScheme. (Inherited from AuthenticationOptions) |
| BackchannelHttpHandler |
The HttpMessageHandler used to retrieve metadata. This cannot be set at the same time as BackchannelCertificateValidator unless the value is a WebRequestHandler. |
| BackchannelTimeout |
Gets or sets the timeout when using the backchannel to make an http call. |
| Challenge |
Gets or sets the challenge to put in the "WWW-Authenticate" header. |
| ClaimsIssuer |
Gets or sets the issuer that should be used for any claims that are created (Inherited from AuthenticationOptions) |
| Configuration |
Configuration provided directly by the developer. If provided, then MetadataAddress and the Backchannel properties will not be used. This information should not be updated during request processing. |
| ConfigurationManager |
Responsible for retrieving, caching, and refreshing the configuration from metadata. If not provided, then one will be created using the MetadataAddress and Backchannel properties. |
| Description |
Additional information about the authentication type which is made available to the application. (Inherited from AuthenticationOptions) |
| Events |
The object provided by the application to process events raised by the bearer authentication middleware. The application may implement the interface fully, or it may create an instance of JwtBearerAuthenticationEvents and assign delegates only to the events it wants to process. |
| IncludeErrorDetails |
Defines whether the token validation errors should be returned to the caller. Enabled by default, this option can be disabled to prevent the JWT middleware from returning an error and an error_description in the WWW-Authenticate header. |
| MetadataAddress |
Gets or sets the discovery endpoint for obtaining metadata |
| RefreshOnIssuerKeyNotFound |
Gets or sets if a metadata refresh should be attempted after a SecurityTokenSignatureKeyNotFoundException. This allows for automatic recovery in the event of a signature key rollover. This is enabled by default. |
| RequireHttpsMetadata |
Gets or sets if HTTPS is required for the metadata address or authority. The default is true. This should be disabled only in development environments. |
| SaveToken |
Defines whether the bearer token should be stored in the AuthenticationProperties after a successful authorization. |
| SecurityTokenValidators |
Gets the ordered list of ISecurityTokenValidator used to validate access tokens. |
| SystemClock |
For testing purposes only. |
| SystemClock |
For testing purposes only. (Inherited from AuthenticationOptions) |
| TokenValidationParameters |
Gets or sets the parameters used to validate identity tokens. |
Applies to
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for