Get claims from a WebAPI Controller – JWT Token,

You should be able to retrieve a claims like this within your controller

var identity = HttpContext.User.Identity as ClaimsIdentity;
if (identity != null)
    IEnumerable<Claim> claims = identity.Claims; 
    // or


If you wanted, you could write extension methods for the IPrincipal interface and retrieve claims using the code above, then retrieve them using (for example)


For completeness of the answer. To Decode the JWT token let’s write a method to validate the token and extract the information.

public static ClaimsPrincipal ValidateToken(string jwtToken)
        IdentityModelEventSource.ShowPII = true;

        SecurityToken validatedToken;
        TokenValidationParameters validationParameters = new TokenValidationParameters();

        validationParameters.ValidateLifetime = true;

        validationParameters.ValidAudience = _audience.ToLower();
        validationParameters.ValidIssuer = _issuer.ToLower();
        validationParameters.IssuerSigningKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(Encoding.UTF8.GetBytes(_appSettings.Secret));

        ClaimsPrincipal principal = new JwtSecurityTokenHandler().ValidateToken(jwtToken, validationParameters, out validatedToken);

        return principal;

Now we can validate and extract the Claims by using:


You should note that the ValidateToken method will return null value if the validation fails.

Leave a Comment