Get claims from a WebAPI Controller – JWT Token,

You should be able to retrieve a claims like this within your controller var identity = HttpContext.User.Identity as ClaimsIdentity; if (identity != null) { IEnumerable<Claim> claims = identity.Claims; // or identity.FindFirst(“ClaimName”).Value; } If you wanted, you could write extension methods for the IPrincipal interface and retrieve claims using the code above, then retrieve them using … Read more

JWT on .NET Core 2.0

Here is a full working minimal sample with a controller. I hope you can check it using Postman or JavaScript call. appsettings.json, appsettings.Development.json. Add a section. Note, Key should be rather long and Issuer is an address of the service: … ,”Tokens”: { “Key”: “Rather_very_long_key”, “Issuer”: “http://localhost:56268/” } … !!! In real project, don’t keep … Read more

What is the maximum size of JWT token?

I’ve also been trying to find this. I’d say – try and ensure it’s below 7kb. Whilst JWT defines no upper limit in the spec (http://www.rfc-editor.org/rfc/rfc7519.txt) we do have some operational limits. As a JWT is included in a HTTP header, we’ve an upper limit (SO: Maximum on http header values) of 8K on the … Read more

JSON Web Token (JWT) with Spring based SockJS / STOMP Web Socket

Current Situation UPDATE 2016-12-13 : the issue referenced below is now marked fixed, so the hack below is no longer necessary which Spring 4.3.5 or above. See https://github.com/spring-projects/spring-framework/blob/master/src/docs/asciidoc/web/websocket.adoc#token-authentication. Previous Situation Currently (Sep 2016), this is not supported by Spring except via query parameter as answered by @rossen-stoyanchev, who wrote a lot (all?) of the Spring … Read more