Click here to Skip to main content
15,919,613 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
I am designing an api for Educational field. So, I have created WebAPI with authentication mode windows in .Net6. I am having two controllers namely, AuthController and TeacherController. AuthController for authorizing the user and to create JWT Bearer Token. TeacherController is for accessing the application for UserType Teacher for which I need to pass Bearer token to this Controller. I am passing this Bearer token from Swagger Authorize in Header but I am getting an error "
date: Sat,09 Jul 2022 11:14:29 GMT 
 server: Microsoft-IIS/10.0 
 transfer-encoding: chunked 
 www-authenticate: Bearer error="invalid_token",error_description="The signature key was not found", Negotiate,NTLM 
 x-powered-by: ASP.NET 

What I have tried:

I have referred these sites for reference
c# core Bearer error="invalid_token" - Stack Overflow[^]
In this link as explained need to install nuget package
System.IdentityModel.Tokens.Jwt Version="6.16.0"

I have installed it but no use.

c# - Unauthorized (Invalid Token) when authenticating with JWT Bearer Token after update to .NET 6 - Stack Overflow[^]

builder.Services.AddSwaggerGen(options =>
    options.SwaggerDoc("v1", new OpenApiInfo { Title = "EMS API", Version = "v1", Description = "EMS" });
    options.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
        BearerFormat = "JWT",
        Description = "JWT Authorization header using the Bearer scheme. \r\n\r\n Enter your token in the text input below.\r\n Example: \"Bearer {token}\"",
        Name = "Authorization",
        In = ParameterLocation.Header,
        Type = SecuritySchemeType.ApiKey,
        Scheme = "Bearer"
    options.AddSecurityRequirement(new OpenApiSecurityRequirement
            new OpenApiSecurityScheme
                Reference = new OpenApiReference
                    Type = ReferenceType.SecurityScheme,
                    Id = "Bearer"
                //Scheme = "oauth2",
                Name = "Bearer",
                In = ParameterLocation.Header
            new List<string>()

    .AddJwtBearer(options =>
        options.RequireHttpsMetadata = false;
        options.SaveToken = true;
        options.TokenValidationParameters = new TokenValidationParameters()
            ValidateIssuer = true,
            ValidateAudience = true,
            ValidIssuer = "https://localhost:44305/",
            ValidAudience = "https://localhost:44305/",
            IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("MYSUPERSECRETKEY")),
            ClockSkew = TimeSpan.Zero

builder.Services.AddCors(options =>
                      policy =>
                          policy.WithOrigins("https://localhost:44310", "http://localhost:7739");
                          policy.SetIsOriginAllowed(origin => true);

builder.Services.AddAuthorization(options =>
    // By default, all incoming requests will be authorized according to the default policy.
    options.FallbackPolicy = options.DefaultPolicy;


app.UseCors(policy => policy.AllowAnyMethod().AllowAnyHeader().SetIsOriginAllowed(origin => true).AllowCredentials());



But still getting same error as described in the problem statement. Please anyone suggest me

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900