KestrunHostAuthnExtensions.AddJwtBearerAuthentication method (1 of 2)
Adds JWT Bearer authentication to the Kestrun host.
Use this for APIs that require token-based authentication.
public static KestrunHost AddJwtBearerAuthentication(this KestrunHost host,
string authenticationScheme = "JwtBearer", string? displayName = "JWT Bearer Authentication",
Action<JwtAuthOptions>? configureOptions = null)
| parameter | description |
|---|---|
| host | The Kestrun host instance. |
| authenticationScheme | The authentication scheme name (e.g. “Bearer”). |
| displayName | The display name for the authentication scheme. |
| configureOptions | Optional configuration for JwtAuthOptions. |
Examples
HS512 (HMAC-SHA-512, symmetric)
RS256 (RSA-SHA-256, asymmetric)
Requires a PEM-encoded private key file.
using var rsa = RSA.Create();
rsa.ImportFromPem(File.ReadAllText("private-key.pem"));
var rsaKey = new RsaSecurityKey(rsa);
host.AddJwtBearerAuthentication(
scheme: "Rs256",
issuer: "KestrunApi",
audience: "KestrunClients",
validationKey: rsaKey,
validAlgorithms: new[] { SecurityAlgorithms.RsaSha256 });
ES256 (ECDSA-SHA-256, asymmetric)
Requires a PEM-encoded private key file.
using var ecdsa = ECDsa.Create(ECCurve.NamedCurves.nistP256);
var esKey = new ECDsaSecurityKey(ecdsa);
host.AddJwtBearerAuthentication(
"Es256", "KestrunApi", "KestrunClients",
esKey, new[] { SecurityAlgorithms.EcdsaSha256 });
See Also
- class KestrunHost
- class JwtAuthOptions
- class KestrunHostAuthnExtensions
- namespace Kestrun.Hosting
KestrunHostAuthnExtensions.AddJwtBearerAuthentication method (2 of 2)
Adds JWT Bearer authentication to the Kestrun host using the provided options object.
public static KestrunHost AddJwtBearerAuthentication(this KestrunHost host,
string authenticationScheme = "JwtBearer", string? displayName = "JWT Bearer Authentication",
JwtAuthOptions? configureOptions = null)
| parameter | description |
|---|---|
| host | The Kestrun host instance. |
| authenticationScheme | The authentication scheme name. |
| displayName | The display name for the authentication scheme. |
| configureOptions | Optional configuration for JwtAuthOptions. |
Return Value
The configured KestrunHost instance.
See Also
- class KestrunHost
- class JwtAuthOptions
- class KestrunHostAuthnExtensions
- namespace Kestrun.Hosting