-
Notifications
You must be signed in to change notification settings - Fork 599
Jwt - IDX10500: Signature validation failed. No security keys were provided to validate the signature. #1741
Comments
There are some validations that can't be turned off. @brentschmaltz |
@Tratcher Thanks for the info. So I should write a middleware that populates Controller.User based on JWT but without validation, right? Does this sound like a good solution? |
Is the other validation code guaranteed to run first? |
@Tratcher The other validation code is completely separate, it is in another application (AWS Gateweay Authorizer), and yes it will run first. |
This middleware seems to do the job for me. I am sharing it here in case anyone else needs it.
Then in your
Now, in your controller you can get the User as usual:
|
@Tratcher @makcakaya you can set the delegate TokenValidationParameters.SignatureValidator to just return a JwtSecurityToken. So you want to delegate the validation to an off box service? |
@brentschmaltz Thanks for the info. Just to make my case clear, the validation of JWT is done in another application (call it application A) (AWS Custom Authorization). If only the validation succeeds, then that application (A) passes/redirects the original request to my application (application B). So there is no request from B to A for authorization. |
v 2.0.1
I am trying to get Controller.User set by using JWT authentication but I don't want to validate anything (because I do it in another app already).
I am getting following exception:
What might be the problem? As I said I don't want any validation but the library throws a validation exception.
The text was updated successfully, but these errors were encountered: