Using both cookie and JWT tokens in ASP.NET Web/API app

I've seen a lot of articles that cover using

JWT Tokens

in API scenarios. How do I include the

JWT Token

in my request for a web page?

My ASP.NET Core app has both web pages and API methods so I want to use cookies for the web and token for API.

Recommended for you: Get network issues from WhatsUp Gold. Not end users.

Amy

Answer Source

The way we do it here with Asp.Net, is our auth layer looks for either a cookie or an Authorization header. It pulls the token from either location. This article might be helpful:

http://auth0.com/blog/cookies-vs-tokens-definitive-guide

This takes some custom code, but its not too difficult really. Make your own AuthenticationHandler.

https://wildermuth.com/2017/08/19/Two-AuthorizationSchemes-in-ASP-NET-Core-2

That excellent article will guide you through every step of the process.

Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download

Using both cookie and JWT tokens in ASP.NET Web/API app

Sign up