Hello:
In my asp .net core (1.1), I have implemented bearer token authentication and authorization as explained in this article:
https://code.msdn.microsoft.com/How-to-achieve-a-bearer-9448db57
1) The asp .net core service is hosted in IIS.
2) The token is set to expire after one day
3) When the user logs in, the token is generated, all the "Authorize" methods work well using the token.
4) However, if the user is idle for sometime and then performs a call to the service, the service returns 401 error and I see the following information in the response headers
WWW-Authenticate: Bearer error="invalid_token", error_description="The signature is invalid"
What's the cause of this error? Is the token expired (but I set it to expire after 1 day)
Can someone help what's causing the issue? Is it the IIS doing something?
Thanks!
↧
WWW-Authenticate: Bearer error="invalid_token", error_description="The signature is invalid"
↧