Share via


SecurityTokenDescriptor Class

Definition

Contains some information which used to create a security token.

public class SecurityTokenDescriptor
type SecurityTokenDescriptor = class
Public Class SecurityTokenDescriptor
Inheritance
SecurityTokenDescriptor

Constructors

SecurityTokenDescriptor()

Properties

AdditionalHeaderClaims

Gets or sets the Dictionary<TKey,TValue> which contains any custom header claims that need to be added to the JWT token header. The 'alg', 'kid', 'x5t', 'enc', and 'zip' claims are added by default based on the SigningCredentials, EncryptingCredentials, and/or CompressionAlgorithm provided and SHOULD NOT be included in this dictionary as this will result in an exception being thrown. These claims are only added to the outer header (in case of a JWE).

AdditionalInnerHeaderClaims

Gets or sets the Dictionary<TKey,TValue> which contains any custom header claims that need to be added to the inner JWT token header. The 'alg', 'kid', 'x5t', 'enc', and 'zip' claims are added by default based on the SigningCredentials, EncryptingCredentials, and/or CompressionAlgorithm provided and SHOULD NOT be included in this dictionary as this will result in an exception being thrown. For JsonWebTokenHandler, these claims are merged with AdditionalHeaderClaims while adding to the inner JWT header.

Audience

Gets or sets the value of the {"": audience} claim. Will be combined with Audiences and any "Aud" claims in Claims or Subject when creating a token.

Audiences

Gets the list audiences to include in the token's 'Aud' claim. Will be combined with Audiences and any "Aud" claims in Claims or Subject when creating a token.

Claims

Gets or sets the Dictionary<TKey,TValue> which represents the claims that will be used when creating a security token. If both Claims and Subject are set, the claim values in Subject will be combined with the values in Claims. The values found in Claims take precedence over those found in Subject, so any duplicate values will be overridden.

CompressionAlgorithm

Defines the compression algorithm that will be used to compress the JWT token payload.

EncryptingCredentials

Gets or sets the EncryptingCredentials used to create a encrypted security token.

Expires

Gets or sets the value of the 'expiration' claim. This value should be in UTC.

IncludeKeyIdInHeader

Indicates if kid and x5t should be included in the header of a JSON web token (JWT)

IssuedAt

Gets or sets the time the security token was issued. This value should be in UTC.

Issuer

Gets or sets the issuer of this SecurityTokenDescriptor.

NotBefore

Gets or sets the notbefore time for the security token. This value should be in UTC.

SigningCredentials

Gets or sets the SigningCredentials used to create a security token.

Subject

Gets or sets the ClaimsIdentity. If both Claims and Subject are set, the claim values in Subject will be combined with the values in Claims. The values found in Claims take precedence over those found in Subject, so any duplicate values will be overridden.

TokenType

Gets or sets the token type. If provided, this will be added as the value for the 'typ' header parameter. In the case of a JWE, this will be added to both the inner (JWS) and the outer token (JWE) header. By default, the value used is 'JWT'. If AdditionalHeaderClaims also contains 'typ' header claim value, it will override the TokenType provided here. This value is used only for JWT tokens and not for SAML/SAML2 tokens

Applies to