For the past year I've been hosting a Web API built with ASP.NET Core 1.1. I recently implemented a new version of the Web API using .NET Core 2.0 but its failing authentication. Following are the relevant code snippets from the working (1.1) and failing (2.0) project Startup.cs files.
.NET Core 1.1
// Startup.Configure Method
app.UseJwtBearerAuthentication(new JwtBearerOptions()
{
Audience = Configuration["aad:clientId"],
AutomaticAuthenticate = true,
AutomaticChallenge = true,
MetadataAddress = Configuration["aad:MetadataAddress"]);
});.NET Core 2.0
// Startup.Configure Method
app.UseMvc().UseAuthentication();
// Startup.ConfigureServices Method
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(options =>
{
options.Audience = Configuration["aad:clientId"];
options.MetadataAddress = Configuration["aad:MetadataAddress"]);
});doc.microsoft documentation says AutomaticAuthenticate/Challenge have been removed and the default schema (JwtBearerDefaults.AuthenticationScheme) should be used for authentication and challenges.
I'm obviously missing something but I'm not sure what at this point.
Any input you might have will be appreciated.
Thanks,
Dane Vinson