JwtBearerOptions Class¶
Options class provides information needed to control Bearer Authentication middleware behavior
- Namespace
Microsoft.AspNetCore.Builder
- Assemblies
- Microsoft.AspNetCore.Authentication.JwtBearer
Syntax¶
public class JwtBearerOptions : AuthenticationOptions
-
class
Microsoft.AspNetCore.Builder.
JwtBearerOptions
Constructors¶
-
JwtBearerOptions
()¶ Creates an instance of bearer authentication options with default values.
public JwtBearerOptions()
-
Properties¶
-
Microsoft.AspNetCore.Builder.JwtBearerOptions.
Audience
¶ Gets or sets the audience for any received OpenIdConnect token.
Return type: System.String Returns: The expected audience for any received OpenIdConnect token. public string Audience { get; set; }
-
Microsoft.AspNetCore.Builder.JwtBearerOptions.
Authority
¶ Gets or sets the Authority to use when making OpenIdConnect calls.
Return type: System.String public string Authority { get; set; }
-
Microsoft.AspNetCore.Builder.JwtBearerOptions.
BackchannelHttpHandler
¶ The HttpMessageHandler used to retrieve metadata. This cannot be set at the same time as BackchannelCertificateValidator unless the value is a WebRequestHandler.
Return type: System.Net.Http.HttpMessageHandler public HttpMessageHandler BackchannelHttpHandler { get; set; }
-
Microsoft.AspNetCore.Builder.JwtBearerOptions.
BackchannelTimeout
¶ Gets or sets the timeout when using the backchannel to make an http call.
Return type: System.TimeSpan public TimeSpan BackchannelTimeout { get; set; }
-
Microsoft.AspNetCore.Builder.JwtBearerOptions.
Challenge
¶ Gets or sets the challenge to put in the “WWW-Authenticate” header.
Return type: System.String public string Challenge { get; set; }
-
Microsoft.AspNetCore.Builder.JwtBearerOptions.
Configuration
¶ Configuration provided directly by the developer. If provided, then MetadataAddress and the Backchannel properties will not be used. This information should not be updated during request processing.
Return type: Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectConfiguration public OpenIdConnectConfiguration Configuration { get; set; }
-
Microsoft.AspNetCore.Builder.JwtBearerOptions.
ConfigurationManager
¶ Responsible for retrieving, caching, and refreshing the configuration from metadata. If not provided, then one will be created using the MetadataAddress and Backchannel properties.
Return type: Microsoft.IdentityModel.Protocols.IConfigurationManager<Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectConfiguration> public IConfigurationManager<OpenIdConnectConfiguration> ConfigurationManager { get; set; }
-
Microsoft.AspNetCore.Builder.JwtBearerOptions.
Events
¶ The object provided by the application to process events raised by the bearer authentication middleware. The application may implement the interface fully, or it may create an instance of JwtBearerAuthenticationEvents and assign delegates only to the events it wants to process.
Return type: Microsoft.AspNetCore.Authentication.JwtBearer.IJwtBearerEvents public IJwtBearerEvents Events { get; set; }
-
Microsoft.AspNetCore.Builder.JwtBearerOptions.
IncludeErrorDetails
¶ Defines whether the token validation errors should be returned to the caller. Enabled by default, this option can be disabled to prevent the JWT middleware from returning an error and an error_description in the WWW-Authenticate header.
Return type: System.Boolean public bool IncludeErrorDetails { get; set; }
-
Microsoft.AspNetCore.Builder.JwtBearerOptions.
MetadataAddress
¶ Gets or sets the discovery endpoint for obtaining metadata
Return type: System.String public string MetadataAddress { get; set; }
-
Microsoft.AspNetCore.Builder.JwtBearerOptions.
RefreshOnIssuerKeyNotFound
¶ Gets or sets if a metadata refresh should be attempted after a SecurityTokenSignatureKeyNotFoundException. This allows for automatic recovery in the event of a signature key rollover. This is enabled by default.
Return type: System.Boolean public bool RefreshOnIssuerKeyNotFound { get; set; }
-
Microsoft.AspNetCore.Builder.JwtBearerOptions.
RequireHttpsMetadata
¶ Gets or sets if HTTPS is required for the metadata address or authority. The default is true. This should be disabled only in development environments.
Return type: System.Boolean public bool RequireHttpsMetadata { get; set; }
-
Microsoft.AspNetCore.Builder.JwtBearerOptions.
SaveToken
¶ Defines whether the bearer token should be stored in the
Microsoft.AspNetCore.Http.Authentication.AuthenticationProperties
after a successful authorization.Return type: System.Boolean public bool SaveToken { get; set; }
-
Microsoft.AspNetCore.Builder.JwtBearerOptions.
SecurityTokenValidators
¶ Gets the ordered list of
Microsoft.IdentityModel.Tokens.ISecurityTokenValidator
used to validate access tokens.Return type: System.Collections.Generic.IList<Microsoft.IdentityModel.Tokens.ISecurityTokenValidator> public IList<ISecurityTokenValidator> SecurityTokenValidators { get; }
-
Microsoft.AspNetCore.Builder.JwtBearerOptions.
SystemClock
¶ For testing purposes only.
Return type: Microsoft.AspNetCore.Authentication.ISystemClock [EditorBrowsable(EditorBrowsableState.Never)] public ISystemClock SystemClock { get; set; }
-
Microsoft.AspNetCore.Builder.JwtBearerOptions.
TokenValidationParameters
¶ Gets or sets the parameters used to validate identity tokens.
Return type: Microsoft.IdentityModel.Tokens.TokenValidationParameters public TokenValidationParameters TokenValidationParameters { get; set; }
-