65.9K
CodeProject is changing. Read more.
Home

Create and Consume JWT Tokens in C#

Denis Pashkov
starIconstarIconstarIcon
emptyStarIcon
starIcon
emptyStarIcon

3.73/5 (11 votes)

Sep 30, 2017

CPOL
viewsIcon

167494

How to create and consume JWT tokens in C#

Introduction

There are plenty of materials on how to manage JWT tokens in C# environment.

But I found most of them are either too complicated for the beginner or outdated.
In this example, we will create and read a JWT token using a simple console app, so we can get a basic idea of how we can use it in any type of projects.

Let's create a simple console project and add these libraries as references:

System.IdentityModel;  
System.Security

Next, we will need JWT Tokens Package.

Nuget  install-package  "System.IdentityModel.Tokens.Jwt"

Now we are ready to play with JWT Tokens:

 static void Main(string[] args)
        {
            Console.WriteLine("");
             
            // Define const Key this should be private secret key  stored in some safe place 
            string key = "401b09eab3c013d4ca54922bb802bec8fd5318192b0a75f201d8b372742
            9090fb337591abd3e44453b954555b7a0812e1081c39b740293f765eae731f5a65ed1";

            // Create Security key  using private key above:  
            // not that latest version of JWT using Microsoft namespace instead of System  
            var securityKey = new Microsoft
                .IdentityModel.Tokens.SymmetricSecurityKey(Encoding.UTF8.GetBytes(key));
            
            // Also note that securityKey length should be >256b 
            // so you have to make sure that your private key has a proper length  
            // 
            var credentials = new Microsoft.IdentityModel.Tokens.SigningCredentials
                              (securityKey, SecurityAlgorithms.HmacSha256Signature);

            //  Finally create a Token  
            var header = new JwtHeader(credentials);
         
            //Some PayLoad that contain information about the  customer 
            var payload = new JwtPayload
            {
                { "some ", "hello "},
                { "scope", "http://dummy.com/"},                 
            };

            // 
            var secToken = new JwtSecurityToken(header, payload); 
            var handler = new JwtSecurityTokenHandler();

            // Token to String so you can use it in your client
            var tokenString = handler.WriteToken(secToken); 

            Console.WriteLine(tokenString);
            Console.WriteLine("Consume Token");

             
            // And finally when  you received token from client 
            // you can  either validate it or try to  read  
            var token = handler.ReadJwtToken(tokenString);

            Console.WriteLine(token.Payload.First().Value); 
            
            Console.ReadLine(); 
        }