
I am generating a token with the code below, using simple JSON data:

  /// <summary>
  /// Looks up <paramref name="userid"/> and, when at least one row comes back,
  /// returns an HS256-signed JWT that carries the user's id as an "id" claim.
  /// </summary>
  /// <param name="userid">Identifier passed to <c>webuserprovider.GetWebUser</c>.</param>
  /// <returns>
  /// 200 with <c>{ jwt }</c> when the lookup returns rows, 404 when it returns none,
  /// and 401 when <paramref name="userid"/> is null or empty.
  /// </returns>
  /// <remarks>
  /// NOTE(review): the user id is the only input and no password or other credential
  /// is checked in this method before a token is signed. Confirm that the caller is
  /// authenticated before this endpoint is reached.
  /// </remarks>
  [HttpPost("Token")]
     public IActionResult Token(string userid)
    {
        if ((!string.IsNullOrEmpty(userid)))
        {
            var user = webuserprovider.GetWebUser(userid);

            // No rows for this id -> fall through to the NotFound branch below.
            if (user.Count() > 0)
            {
               // At least one row: the first row's UserID becomes the "id" claim.
               var claimsdata = new[]
               { 
                     new  Claim("id",user.First().UserID),                     
               };
                
                // NOTE(review): the signing key is a short literal in source. Anyone who can
                // read the code or the binary can sign tokens with it, and RFC 7518 requires
                // an HS256 key of at least 256 bits. Load a randomly generated key from
                // configuration or a secret store instead.
                var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("secretKey"));
                var signInCred = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
                var token = new JwtSecurityToken(
                      // Not valid C#: JwtSecurityToken has no "users" parameter. This line
                      // appears to sketch the nested object the question is asking for.
                      users:{ "id": user.First().UserID},
                      issuer: "mysite.com",
                      audience: "yoursite.com",
                      // Token lifetime: three minutes from the current local time.
                      expires: DateTime.Now.AddMinutes(3),
                      claims: claimsdata,                      
                    signingCredentials: signInCred
                    );
                  // Serialize the token to its compact string form and return it as { jwt }.
                  var jwt = new JwtSecurityTokenHandler().WriteToken(token);
                  return Ok(new {jwt});
               // return Ok( new JwtSecurityTokenHandler().WriteToken(token) );
            }
            else
            {// return BadRequest(new { message = "UserID does not exist" }); }
             // return BadRequest("Could not verify user");
                return NotFound();
            }
        }
        // Reached only when userid is null or empty.
        return Unauthorized();

    }
}
}

JWT payload data :

     {
      "id": "1234",
     "exp": 1538637844,
      "iss": "mysite.com"
      }

How can I create payload data with custom claims like the one below in C#, in an ASP.NET Core Web API (REST)? I want the user id nested inside `{ }` in the payload data:

  {
   "id": "1234",
   "exp": 1538637844,
   "iss": "mysite.com",
   "user": {
          "id" :"user1"
           }
  }
    

2 Answers


Here is the code, with the custom claim added to the token payload:

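/// <summary>
/// Issues a short-lived HS256-signed JWT whose payload carries a nested
/// <c>user</c> object in addition to the flat claims.
/// </summary>
/// <param name="userid">Identifier passed to <c>webuserprovider.GetWebUser</c>.</param>
/// <returns>
/// 200 with <c>{ jwt }</c> when the lookup returns at least one row, 404 when it
/// returns none, and 401 when <paramref name="userid"/> is null or empty.
/// </returns>
/// <remarks>
/// NOTE(review): the user id is the only input and no password or other credential
/// is checked in this method before a token is signed. Confirm that the caller is
/// authenticated before this endpoint is reached.
/// </remarks>
[HttpPost("Token")]
public IActionResult Token(string userid)
{
    if (string.IsNullOrEmpty(userid))
    {
        return Unauthorized();
    }

    // Materialize once so the lookup is not enumerated again for every Count()/First() call.
    var matches = webuserprovider.GetWebUser(userid).ToList();
    if (matches.Count == 0)
    {
        return NotFound();
    }

    var webUser = matches[0];

    var claimsdata = new[]
    {
        new Claim("subject", "custom claims"),
    };

    // NOTE(review): placeholder key kept from the original listing. A literal in source
    // can be read by anyone with the code or the binary, and RFC 7518 requires an HS256
    // key of at least 256 bits (the token library may reject a key this short). Load a
    // randomly generated key from configuration or a secret store instead.
    var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("secretKey"));
    var signInCred = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);

    // The original listing also passed `users:{ ... }` here. That is not valid C# and
    // JwtSecurityToken has no such parameter; the nested object is added through
    // token.Payload below instead.
    var token = new JwtSecurityToken(
        issuer: "mysite.com",
        audience: "yoursite.com",
        claims: claimsdata,
        expires: DateTime.UtcNow.AddMinutes(3),
        signingCredentials: signInCred);

    // Custom claim: the anonymous object is written as a nested JSON object,
    // i.e. "user": { "id": ... }, next to the registered claims.
    token.Payload["user"] = new { id = webUser.UserID };

    var jwt = new JwtSecurityTokenHandler().WriteToken(token);
    return Ok(new { jwt });
}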

And the final payload data:

{
  "subject": "custom claims",
  "exp": 1538651961,
  "iss": "mysite.com",
  "user": {
    "id": "1234"
  }
}


For JWT I typically use the JWT NuGet package, because I don't like how it's done out of the box.

Install-Package JWT 

Check out the documentation. Using this package is pretty straightforward.

// Expiry as Unix seconds, one hour from the current UTC time.
var expiresAt = DateTimeOffset.UtcNow.AddHours(1).ToUnixTimeSeconds();

// `secret` is not defined in this snippet and must come from the surrounding code.
// Keep it out of source control and use a randomly generated value of at least
// 256 bits for HS256.
var token = new JwtBuilder()
    .WithAlgorithm(new HMACSHA256Algorithm())
    .WithSecret(secret)
    .AddClaim("exp", expiresAt)
    .AddClaim("claim2", "claim2-value")
    .Build();
