JwtSecurityTokenHandler.CreateJwtSecurityToken Method

Definition

Overloads

CreateJwtSecurityToken(String, String, ClaimsIdentity, Nullable<DateTime>, Nullable<DateTime>, Nullable<DateTime>, SigningCredentials, EncryptingCredentials, IDictionary<String,Object>)

Creates a JwtSecurityToken

CreateJwtSecurityToken(String, String, ClaimsIdentity, Nullable<DateTime>, Nullable<DateTime>, Nullable<DateTime>, SigningCredentials, EncryptingCredentials)

Creates a JwtSecurityToken

CreateJwtSecurityToken(SecurityTokenDescriptor)

Creates a Json Web Token (JWT).

CreateJwtSecurityToken(String, String, ClaimsIdentity, Nullable<DateTime>, Nullable<DateTime>, Nullable<DateTime>, SigningCredentials)

Creates a JwtSecurityToken

CreateJwtSecurityToken(String, String, ClaimsIdentity, Nullable<DateTime>, Nullable<DateTime>, Nullable<DateTime>, SigningCredentials, EncryptingCredentials, IDictionary<String,Object>)

Creates a JwtSecurityToken

public virtual System.IdentityModel.Tokens.Jwt.JwtSecurityToken CreateJwtSecurityToken (string issuer, string audience, System.Security.Claims.ClaimsIdentity subject, DateTime? notBefore, DateTime? expires, DateTime? issuedAt, Microsoft.IdentityModel.Tokens.SigningCredentials signingCredentials, Microsoft.IdentityModel.Tokens.EncryptingCredentials encryptingCredentials, System.Collections.Generic.IDictionary<string,object> claimCollection);
abstract member CreateJwtSecurityToken : string * string * System.Security.Claims.ClaimsIdentity * Nullable<DateTime> * Nullable<DateTime> * Nullable<DateTime> * Microsoft.IdentityModel.Tokens.SigningCredentials * Microsoft.IdentityModel.Tokens.EncryptingCredentials * System.Collections.Generic.IDictionary<string, obj> -> System.IdentityModel.Tokens.Jwt.JwtSecurityToken
override this.CreateJwtSecurityToken : string * string * System.Security.Claims.ClaimsIdentity * Nullable<DateTime> * Nullable<DateTime> * Nullable<DateTime> * Microsoft.IdentityModel.Tokens.SigningCredentials * Microsoft.IdentityModel.Tokens.EncryptingCredentials * System.Collections.Generic.IDictionary<string, obj> -> System.IdentityModel.Tokens.Jwt.JwtSecurityToken
Public Overridable Function CreateJwtSecurityToken (issuer As String, audience As String, subject As ClaimsIdentity, notBefore As Nullable(Of DateTime), expires As Nullable(Of DateTime), issuedAt As Nullable(Of DateTime), signingCredentials As SigningCredentials, encryptingCredentials As EncryptingCredentials, claimCollection As IDictionary(Of String, Object)) As JwtSecurityToken

Parameters

issuer
String

The issuer of the token.

audience
String

The audience for this token.

subject
ClaimsIdentity

The source of the Claim(s) for this token.

notBefore
Nullable<DateTime>

The notbefore time for this token.

expires
Nullable<DateTime>

The expiration time for this token.

issuedAt
Nullable<DateTime>

The issue time for this token.

signingCredentials
SigningCredentials

Contains cryptographic material for generating a signature.

encryptingCredentials
EncryptingCredentials

Contains cryptographic material for encrypting the token.

claimCollection
IDictionary<String,Object>

A collection of (key,value) pairs representing Claim(s) for this token.

Returns

JwtSecurityToken

A JwtSecurityToken.

Exceptions

If 'expires' <= 'notBefore'.

Remarks

If Actor is not null, then a claim { actort, 'value' } will be added to the payload. CreateActorValue(ClaimsIdentity) for details on how the value is created.

See for details on how the HeaderParameters are added to the header.

See for details on how the values are added to the payload.

Each Claim on the subject added will have Type translated according to the mapping found in OutboundClaimTypeMap. Adding and removing to OutboundClaimTypeMap will affect the name component of the Json claim.

SigningCredentials(SecurityKey, String) is used to sign RawData.

EncryptingCredentials(SecurityKey, String, String) is used to encrypt RawData or RawPayload .

Applies to

Product Introduced

CreateJwtSecurityToken(String, String, ClaimsIdentity, Nullable<DateTime>, Nullable<DateTime>, Nullable<DateTime>, SigningCredentials, EncryptingCredentials)

Creates a JwtSecurityToken

public virtual System.IdentityModel.Tokens.Jwt.JwtSecurityToken CreateJwtSecurityToken (string issuer, string audience, System.Security.Claims.ClaimsIdentity subject, DateTime? notBefore, DateTime? expires, DateTime? issuedAt, Microsoft.IdentityModel.Tokens.SigningCredentials signingCredentials, Microsoft.IdentityModel.Tokens.EncryptingCredentials encryptingCredentials);
abstract member CreateJwtSecurityToken : string * string * System.Security.Claims.ClaimsIdentity * Nullable<DateTime> * Nullable<DateTime> * Nullable<DateTime> * Microsoft.IdentityModel.Tokens.SigningCredentials * Microsoft.IdentityModel.Tokens.EncryptingCredentials -> System.IdentityModel.Tokens.Jwt.JwtSecurityToken
override this.CreateJwtSecurityToken : string * string * System.Security.Claims.ClaimsIdentity * Nullable<DateTime> * Nullable<DateTime> * Nullable<DateTime> * Microsoft.IdentityModel.Tokens.SigningCredentials * Microsoft.IdentityModel.Tokens.EncryptingCredentials -> System.IdentityModel.Tokens.Jwt.JwtSecurityToken
Public Overridable Function CreateJwtSecurityToken (issuer As String, audience As String, subject As ClaimsIdentity, notBefore As Nullable(Of DateTime), expires As Nullable(Of DateTime), issuedAt As Nullable(Of DateTime), signingCredentials As SigningCredentials, encryptingCredentials As EncryptingCredentials) As JwtSecurityToken

Parameters

issuer
String

The issuer of the token.

audience
String

The audience for this token.

subject
ClaimsIdentity

The source of the Claim(s) for this token.

notBefore
Nullable<DateTime>

The notbefore time for this token.

expires
Nullable<DateTime>

The expiration time for this token.

issuedAt
Nullable<DateTime>

The issue time for this token.

signingCredentials
SigningCredentials

Contains cryptographic material for generating a signature.

encryptingCredentials
EncryptingCredentials

Contains cryptographic material for encrypting the token.

Returns

JwtSecurityToken

A JwtSecurityToken.

Exceptions

If 'expires' <= 'notBefore'.

Remarks

If Actor is not null, then a claim { actort, 'value' } will be added to the payload. CreateActorValue(ClaimsIdentity) for details on how the value is created.

See for details on how the HeaderParameters are added to the header.

See for details on how the values are added to the payload.

Each Claim on the subject added will have Type translated according to the mapping found in OutboundClaimTypeMap. Adding and removing to OutboundClaimTypeMap will affect the name component of the Json claim.

SigningCredentials(SecurityKey, String) is used to sign RawData.

EncryptingCredentials(SecurityKey, String, String) is used to encrypt RawData or RawPayload .

Applies to

Product Introduced

CreateJwtSecurityToken(SecurityTokenDescriptor)

Creates a Json Web Token (JWT).

public virtual System.IdentityModel.Tokens.Jwt.JwtSecurityToken CreateJwtSecurityToken (Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor tokenDescriptor);
abstract member CreateJwtSecurityToken : Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor -> System.IdentityModel.Tokens.Jwt.JwtSecurityToken
override this.CreateJwtSecurityToken : Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor -> System.IdentityModel.Tokens.Jwt.JwtSecurityToken
Public Overridable Function CreateJwtSecurityToken (tokenDescriptor As SecurityTokenDescriptor) As JwtSecurityToken

Parameters

tokenDescriptor
SecurityTokenDescriptor

A SecurityTokenDescriptor that contains details of contents of the token.

Returns

JwtSecurityToken

Remarks

SigningCredentials is used to sign RawData.

Applies to

Product Introduced

CreateJwtSecurityToken(String, String, ClaimsIdentity, Nullable<DateTime>, Nullable<DateTime>, Nullable<DateTime>, SigningCredentials)

Creates a JwtSecurityToken

public virtual System.IdentityModel.Tokens.Jwt.JwtSecurityToken CreateJwtSecurityToken (string issuer = default, string audience = default, System.Security.Claims.ClaimsIdentity subject = default, DateTime? notBefore = default, DateTime? expires = default, DateTime? issuedAt = default, Microsoft.IdentityModel.Tokens.SigningCredentials signingCredentials = default);
abstract member CreateJwtSecurityToken : string * string * System.Security.Claims.ClaimsIdentity * Nullable<DateTime> * Nullable<DateTime> * Nullable<DateTime> * Microsoft.IdentityModel.Tokens.SigningCredentials -> System.IdentityModel.Tokens.Jwt.JwtSecurityToken
override this.CreateJwtSecurityToken : string * string * System.Security.Claims.ClaimsIdentity * Nullable<DateTime> * Nullable<DateTime> * Nullable<DateTime> * Microsoft.IdentityModel.Tokens.SigningCredentials -> System.IdentityModel.Tokens.Jwt.JwtSecurityToken
Public Overridable Function CreateJwtSecurityToken (Optional issuer As String = Nothing, Optional audience As String = Nothing, Optional subject As ClaimsIdentity = Nothing, Optional notBefore As Nullable(Of DateTime) = Nothing, Optional expires As Nullable(Of DateTime) = Nothing, Optional issuedAt As Nullable(Of DateTime) = Nothing, Optional signingCredentials As SigningCredentials = Nothing) As JwtSecurityToken

Parameters

issuer
String

The issuer of the token.

audience
String

The audience for this token.

subject
ClaimsIdentity

The source of the Claim(s) for this token.

notBefore
Nullable<DateTime>

The notbefore time for this token.

expires
Nullable<DateTime>

The expiration time for this token.

issuedAt
Nullable<DateTime>

The issue time for this token.

signingCredentials
SigningCredentials

Contains cryptographic material for generating a signature.

Returns

JwtSecurityToken

A JwtSecurityToken.

Exceptions

If 'expires' <= 'notBefore'.

Remarks

If Actor is not null, then a claim { actort, 'value' } will be added to the payload. CreateActorValue(ClaimsIdentity) for details on how the value is created.

See for details on how the HeaderParameters are added to the header.

See for details on how the values are added to the payload.

Each Claim on the subject added will have Type translated according to the mapping found in OutboundClaimTypeMap. Adding and removing to OutboundClaimTypeMap will affect the name component of the Json claim.

SigningCredentials(SecurityKey, String) is used to sign RawData.

Applies to

Product Introduced