JwtBearerOptions JwtBearerOptions Class

Options class provides information needed to control Bearer Authentication middleware behavior

Syntax

Declaration

public class JwtBearerOptions : AuthenticationOptionsPublic Class JwtBearerOptions
    Inherits AuthenticationOptions

Inheritance Hierarchy

Inherited Members

AuthenticationScheme,
AuthenticationScheme,
AutomaticAuthenticate,
AutomaticAuthenticate,
AutomaticChallenge,
AutomaticChallenge,
ClaimsIssuer,
ClaimsIssuer,
Description,
Description,
ToString(),
ToString(),
Equals(Object),
Equals(Object),
Equals(Object, Object),
Equals(Object, Object),
ReferenceEquals(Object, Object),
ReferenceEquals(Object, Object),
GetHashCode(),
GetHashCode(),
GetType(),
GetType(),
MemberwiseClone()
MemberwiseClone()

Constructors summary

Creates an instance of bearer authentication options with default values.

Properties summary

Gets or sets the audience for any received OpenIdConnect token.
Gets or sets the Authority to use when making OpenIdConnect calls.
The HttpMessageHandler used to retrieve metadata. This cannot be set at the same time as BackchannelCertificateValidator unless the value is a WebRequestHandler.
Gets or sets the timeout when using the backchannel to make an http call.
Gets or sets the challenge to put in the "WWW-Authenticate" header.
Configuration provided directly by the developer. If provided, then MetadataAddress and the Backchannel properties will not be used. This information should not be updated during request processing.
Responsible for retrieving, caching, and refreshing the configuration from metadata. If not provided, then one will be created using the MetadataAddress and Backchannel properties.
The object provided by the application to process events raised by the bearer authentication middleware. The application may implement the interface fully, or it may create an instance of JwtBearerAuthenticationEvents and assign delegates only to the events it wants to process.
Defines whether the token validation errors should be returned to the caller. Enabled by default, this option can be disabled to prevent the JWT middleware from returning an error and an error_description in the WWW-Authenticate header.
Gets or sets the discovery endpoint for obtaining metadata
Gets or sets if a metadata refresh should be attempted after a SecurityTokenSignatureKeyNotFoundException. This allows for automatic recovery in the event of a signature key rollover. This is enabled by default.
Gets or sets if HTTPS is required for the metadata address or authority. The default is true. This should be disabled only in development environments.
Defines whether the bearer token should be stored in the AuthenticationProperties after a successful authorization.
Gets the ordered list of Microsoft.IdentityModel.Tokens.ISecurityTokenValidator used to validate access tokens.
Gets or sets the parameters used to validate identity tokens.

Constructors

  • JwtBearerOptions()
    JwtBearerOptions()
    Creates an instance of bearer authentication options with default values.
    public JwtBearerOptions()Public Sub New

Properties

  • Audience
    Audience
    Gets or sets the audience for any received OpenIdConnect token.
    public string Audience { get; set; }Public Property Audience As String

    Property Value

    • System.String
      System.String
      The expected audience for any received OpenIdConnect token.
  • Authority
    Authority
    Gets or sets the Authority to use when making OpenIdConnect calls.
    public string Authority { get; set; }Public Property Authority As String

    Property Value

    • System.String
      System.String
  • BackchannelHttpHandler
    BackchannelHttpHandler
    The HttpMessageHandler used to retrieve metadata. This cannot be set at the same time as BackchannelCertificateValidator unless the value is a WebRequestHandler.
    public HttpMessageHandler BackchannelHttpHandler { get; set; }Public Property BackchannelHttpHandler As HttpMessageHandler

    Property Value

    • System.Net.Http.HttpMessageHandler
      System.Net.Http.HttpMessageHandler
  • BackchannelTimeout
    BackchannelTimeout
    Gets or sets the timeout when using the backchannel to make an http call.
    public TimeSpan BackchannelTimeout { get; set; }Public Property BackchannelTimeout As TimeSpan

    Property Value

    • System.TimeSpan
      System.TimeSpan
  • Challenge
    Challenge
    Gets or sets the challenge to put in the "WWW-Authenticate" header.
    public string Challenge { get; set; }Public Property Challenge As String

    Property Value

    • System.String
      System.String
  • Configuration
    Configuration
    Configuration provided directly by the developer. If provided, then MetadataAddress and the Backchannel properties will not be used. This information should not be updated during request processing.
    public OpenIdConnectConfiguration Configuration { get; set; }Public Property Configuration As OpenIdConnectConfiguration

    Property Value

    • Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectConfiguration
      Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectConfiguration
  • ConfigurationManager
    ConfigurationManager
    Responsible for retrieving, caching, and refreshing the configuration from metadata. If not provided, then one will be created using the MetadataAddress and Backchannel properties.
    public IConfigurationManager<OpenIdConnectConfiguration> ConfigurationManager { get; set; }Public Property ConfigurationManager As IConfigurationManager(Of OpenIdConnectConfiguration)

    Property Value

    • Microsoft.IdentityModel.Protocols.IConfigurationManager<T><Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectConfiguration>
      Microsoft.IdentityModel.Protocols.IConfigurationManager<T>(Of Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectConfiguration)
  • Events
    Events
    The object provided by the application to process events raised by the bearer authentication middleware. The application may implement the interface fully, or it may create an instance of JwtBearerAuthenticationEvents and assign delegates only to the events it wants to process.
    public IJwtBearerEvents Events { get; set; }Public Property Events As IJwtBearerEvents

    Property Value

  • IncludeErrorDetails
    IncludeErrorDetails
    Defines whether the token validation errors should be returned to the caller. Enabled by default, this option can be disabled to prevent the JWT middleware from returning an error and an error_description in the WWW-Authenticate header.
    public bool IncludeErrorDetails { get; set; }Public Property IncludeErrorDetails As Boolean

    Property Value

    • System.Boolean
      System.Boolean
  • MetadataAddress
    MetadataAddress
    Gets or sets the discovery endpoint for obtaining metadata
    public string MetadataAddress { get; set; }Public Property MetadataAddress As String

    Property Value

    • System.String
      System.String
  • RefreshOnIssuerKeyNotFound
    RefreshOnIssuerKeyNotFound
    Gets or sets if a metadata refresh should be attempted after a SecurityTokenSignatureKeyNotFoundException. This allows for automatic recovery in the event of a signature key rollover. This is enabled by default.
    public bool RefreshOnIssuerKeyNotFound { get; set; }Public Property RefreshOnIssuerKeyNotFound As Boolean

    Property Value

    • System.Boolean
      System.Boolean
  • RequireHttpsMetadata
    RequireHttpsMetadata
    Gets or sets if HTTPS is required for the metadata address or authority. The default is true. This should be disabled only in development environments.
    public bool RequireHttpsMetadata { get; set; }Public Property RequireHttpsMetadata As Boolean

    Property Value

    • System.Boolean
      System.Boolean
  • SaveToken
    SaveToken
    Defines whether the bearer token should be stored in the AuthenticationProperties after a successful authorization.
    public bool SaveToken { get; set; }Public Property SaveToken As Boolean

    Property Value

    • System.Boolean
      System.Boolean
  • SecurityTokenValidators
    SecurityTokenValidators
    Gets the ordered list of Microsoft.IdentityModel.Tokens.ISecurityTokenValidator used to validate access tokens.
    public IList<ISecurityTokenValidator> SecurityTokenValidators { get; }Public ReadOnly Property SecurityTokenValidators As IList(Of ISecurityTokenValidator)

    Property Value

    • System.Collections.Generic.IList<T><Microsoft.IdentityModel.Tokens.ISecurityTokenValidator>
      System.Collections.Generic.IList<T>(Of Microsoft.IdentityModel.Tokens.ISecurityTokenValidator)
  • TokenValidationParameters
    TokenValidationParameters
    Gets or sets the parameters used to validate identity tokens.
    public TokenValidationParameters TokenValidationParameters { get; set; }Public Property TokenValidationParameters As TokenValidationParameters

    Property Value

    • Microsoft.IdentityModel.Tokens.TokenValidationParameters
      Microsoft.IdentityModel.Tokens.TokenValidationParameters

    Exceptions

    • System.ArgumentNullException
      System.ArgumentNullException
      if 'value' is null.

    Remarks

    Contains the types and definitions required for validating a token.

Details

Assembly

Microsoft.AspNetCore.Authentication.JwtBearer.dll