👀 Views: 0 💬 Answers: 1 📅 Created: 2025-06-14

asp.net-core jwt authentication claims C#

I've been working on this all day and I'm following best practices but I'm dealing with I'm working on an ASP.NET Core 6 application where I need to include custom claims in my JWT token after a user logs in..... I've set up the authentication with JWT tokens but noticed that the custom claims are not appearing in the token, even though I believe I've configured everything correctly. I'm using `Microsoft.AspNetCore.Authentication.JwtBearer` for JWT authentication. Here’s the code I have in my `Login` method for generating the token: ```csharp public async Task<IActionResult> Login([FromBody] LoginModel model) { var user = await _userManager.FindByNameAsync(model.Username); if (user == null || !await _userManager.CheckPasswordAsync(user, model.Password)) return Unauthorized(); var claims = new List<Claim> { new Claim(JwtRegisteredClaimNames.Sub, user.UserName), new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()), new Claim("CustomClaimType", "CustomValue") // Custom claim }; var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration["Jwt:Key"])); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); var token = new JwtSecurityToken( issuer: _configuration["Jwt:Issuer"], audience: _configuration["Jwt:Audience"], claims: claims, expires: DateTime.Now.AddMinutes(30), signingCredentials: creds ); return Ok(new { token = new JwtSecurityTokenHandler().WriteToken(token), expiration = token.ValidTo }); } ``` After logging in, when I decode the JWT token using jwt.io, I can see the standard claims like `sub` and `jti`, but my `CustomClaimType` is missing. I've also double-checked that the claim type is correct and matches what I have in the code. I have configured the JWT authentication in `Startup.cs` as follows: ```csharp services.AddAuthentication(options => { options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme; options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme; }) .AddJwtBearer(options => { options.TokenValidationParameters = new TokenValidationParameters { ValidateIssuer = true, ValidateAudience = true, ValidateLifetime = true, ValidateIssuerSigningKey = true, ValidIssuer = _configuration["Jwt:Issuer"], ValidAudience = _configuration["Jwt:Audience"], IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration["Jwt:Key"])) }; }); ``` I’ve tried adding debugging logs to ensure that the claims are being created correctly before the token is generated, and they appear to be fine. I've also confirmed that the `_configuration` object is correctly set up to pull the necessary values from `appsettings.json`. Can anyone point out what I'm missing or if there's a setting that might be preventing my custom claims from being included in the generated JWT? My development environment is Ubuntu. This is my first time working with C# LTS. Am I approaching this the right way? This is my first time working with C# latest. The project is a application built with C#. Hoping someone can shed some light on this.