Sam Sam - 11 months ago 133
ASP.NET (C#) Question

Using both cookie and JWT tokens in ASP.NET Web/API app

I've seen a lot of articles that cover using

JWT Tokens
in API scenarios. How do I include the
JWT Token
in my request for a web page?

My ASP.NET Core app has both web pages and API methods so I want to use cookies for the web and token for API.

Amy Amy
Answer Source

The way we do it here with Asp.Net, is our auth layer looks for either a cookie or an Authorization header. It pulls the token from either location. This article might be helpful:

http://auth0.com/blog/cookies-vs-tokens-definitive-guide

This takes some custom code, but its not too difficult really. Make your own AuthenticationHandler.

https://wildermuth.com/2017/08/19/Two-AuthorizationSchemes-in-ASP-NET-Core-2

That excellent article will guide you through every step of the process.

Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download