JwtSecurityTokenHandler.ValidateSignature Method

Reference

Definition

Namespace:: System.IdentityModel.Tokens.Jwt

Assembly:: System.IdentityModel.Tokens.Jwt.dll

Package:: System.IdentityModel.Tokens.Jwt v8.1.2

Important

Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.

Validates that the signature, if found or required, is valid.

protected virtual System.IdentityModel.Tokens.Jwt.JwtSecurityToken ValidateSignature (string token, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters);

abstract member ValidateSignature : string * Microsoft.IdentityModel.Tokens.TokenValidationParameters -> System.IdentityModel.Tokens.Jwt.JwtSecurityToken
override this.ValidateSignature : string * Microsoft.IdentityModel.Tokens.TokenValidationParameters -> System.IdentityModel.Tokens.Jwt.JwtSecurityToken

Protected Overridable Function ValidateSignature (token As String, validationParameters As TokenValidationParameters) As JwtSecurityToken

Parameters

token: String

A JWS token.

validationParameters: TokenValidationParameters

The TokenValidationParameters to be used for validating the token.

Returns

JwtSecurityToken

A JwtSecurityToken that has the signature validated if token was signed.

Exceptions

SecurityTokenUnableToValidateException

If the token has a key identifier and none of the SecurityKey(s) provided result in a validated signature as well as the token had validation errors or lifetime or issuer. This is not intended to be a signal to refresh keys.

ArgumentNullException

If validationParameters is null.

SecurityTokenValidationException

If a signature is not found and RequireSignedTokens is true.

SecurityTokenSignatureKeyNotFoundException

If the token has a key identifier and none of the SecurityKey(s) provided result in a validated signature. This can indicate that a key refresh is required.

SecurityTokenInvalidSignatureException

If after trying all the SecurityKey(s), none result in a validated signature AND the token does not have a key identifier.

Remarks

If the token is signed, the signature is validated even if RequireSignedTokens is false.

If the token signature is validated, then the SigningKey will be set to the key that signed the 'token'.It is the responsibility of SignatureValidator to set the SigningKey

Applies to

Delen via