Hi,
I noticed that we have now a new node called encryptedAccessToken.
{
"result": {
"accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6I...................3yS-RmskAfvAmmbPkvQ6Oc",
"encryptedAccessToken": "HIINu1cszB7Ow78yl1ysFrluu7uhEg0.....pQvj5MXUQFZRqvQ==",
"expireInSeconds": 86400,
"shouldResetPassword": false,
"passwordResetCode": null,
"userId": 0,
"requiresTwoFactorVerification": false,
"twoFactorAuthProviders": null,
"twoFactorRememberClientToken": null
},
"targetUrl": null,
"success": true,
"error": null,
"unAuthorizedRequest": false,
"__abp": true
}
However i can't seem to find any documentation on it. All i need now is the accessToken. Will that change?
thx Jonas.
1 Answer(s)
-
0
Hi,
Actually encryptedAccessToken is used for a workaround.
In agnular2 app, we needed to secure SignalR connection to server. First we tried to send access token in header but not all SignalR connections support that but all type of SignalR connections support query string parameters.
Because of that, we added an encrypted value of access token to signalr query stirng and check that value on the server by decrypting it to secure SignalR connection.
Access token will be the same, as I said, this is a workaround/solution for securing SignalR connection.
I hope this is clear.