I have a web api for backend and ionic react for front end. Front end authenticates the user and gets many different information, I got the access token and inspected it in jwt.io and there I can see the email address of the client, first name last name etc. How do I inspect the access token in backend? I can't find any code that does that. Would you please point me to an article or tell me how to do it?
Asked
Active
Viewed 167 times
0
-
What do you mean exactly by `inspect`? – Ilia Maskov Sep 07 '21 at 19:35
-
@IliaMaskov it's a jwt token, I want to see it's details, inspect it, "decrypt" – Andi Thomaj Sep 07 '21 at 19:39
-
How does the access token reach frontend? – silkfire Sep 07 '21 at 19:45
-
@silkfire A post request to an endpoint. Once i get the token i want to extract the information it holds encrypted. For example with google I do this: var payload = await GoogleJsonWebSignature.ValidateAsync(googleLoginRequest.IdToken, settings); And I get all the info of the token in the payload. Is there something similar with Microsoft? – Andi Thomaj Sep 07 '21 at 19:50
-
Did you mean that you have a web api project written in asp.net core and your frontend will call the api provided by this project with the access token as the bearer token in the http request header? If so, did you refer to [this document](https://learn.microsoft.com/en-us/azure/active-directory/develop/scenario-protected-web-api-overview)? As the access token is designed for protecting the api. If you just wanna decode the token in your api project, you just need a package which can [decrypt jwt token](https://stackoverflow.com/questions/38340078/how-to-decode-jwt-token). – Tiny Wang Sep 08 '21 at 08:59
-
1I found out how to decode it, I need only to find out how to validate that the token is from Microsoft. – Andi Thomaj Sep 08 '21 at 09:07