D.B D.B - 3 years ago 234
C# Question

Get claims from a WebAPI Controller - JWT Token,

I have built an application which uses JWT bearer authentication in ASP.NET Core. When authenticating I define some custom claims which i need to read in another WebAPI controller in order to execute some actions.

Any ideas How Can I achieve this?

This how my code looks like:(Code has been simplified)

public async Task<IActionResult> AuthenticateAsync([FromBody] UserModel user)

var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(_appSettings.Secret);
var tokenDescriptor = new SecurityTokenDescriptor
Subject = new ClaimsIdentity(new Claim[]
new Claim("userSecurityKey", userDeserialized.SecurityKey.ToString()),
new Claim("timeStamp",timeStamp),
new Claim("verificationKey",userDeserialized.VerificationKey.ToString())

Expires = DateTime.UtcNow.AddDays(7),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key),
var token = tokenHandler.CreateToken(tokenDescriptor);
var tokenString = tokenHandler.WriteToken(token);



Another controller: (It Needs to read "verificationKey" claim.)

public async Task<IActionResult> GetCandidateAsync()


var verificationKey = //TODO: GET VerificationKey FROM THE TOKEN

var verificationRecord = await service.GetVerificationRecordAsync(verificationKey);


catch (Exception)
return NotFound();

Answer Source

You should be able to retrieve a claims like this within your controller

var identity = HttpContext.User.Identity as ClaimsIdentity;
if (identity != null)
    IEnumerable<Claim> claims = identity.Claims; 
    // or


If you wanted, you could write extension methods for the IPrincipal interface and retrieve claims using the code above, then retrieve them using (for example)

Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download