Hello,
I want to create jwt token using Asymmetric algorithms (public and private key for authenticity). I can see by default Symmetric algorithm is used to signing the jwt using HMAC.
So can you please let me know which method I should use read XML file, Pem file or p12 file. and how to use?
I can also see BouncyCastle this package for crypto, so where this package is used and for what purpose?
8 Answer(s)
-
0
hi HubOneSystems
It simply replaces
signingCredentialsandIssuerSigningKey. For specific algorithm details, you can find it in google, such as:https://zaven.co/blog/user-authentication-asp-net-web-api-2-rsa-jwt-tokens-part-3/
-
0
Thanks for the information @maliming.
Is the below scenario possible for public and private key.
Having single private key and different public keys for different tenant and manage and validate request using jwt in asp .net zero project?
-
0
Having single private key and different public keys for different tenant and manage and validate request using jwt in asp .net zero project?
If I remember correctly the public and private keys are paired.
And it is not possible to identify tenants before jwt certification.
In short, this is impossible.
-
0
Thanks for reply, So any other way, you would like to suggest to secure api's (web.host) for different tenants (clients) with different secure key or key pair for each clients? using jwt or any other way for Asp net zero (Angular + Asp net core).
Please suggest
Regards,
-
0
Hi @HubOneSystems,
Correct.
-
0
I mean any other way to do the same? as I mentioned to secure api's (web.host) for different tenants (clients) with different secure key or key pair for each clients?
-
0
hi HubOneSystems
There is no other way to achieve it. see https://support.aspnetzero.com/QA/Questions/8373#answer-3826b7e8-a514-9687-60e2-39f2e7719a1b
-
0
This issue is closed because of no recent activity. Please create a new issue if you are still having this problem.
