JwtSecurityTokenHandler.CreateEncodedJwt Method

  • Reference

Definition

Namespace:
System.IdentityModel.Tokens.Jwt
Assembly:
System.IdentityModel.Tokens.Jwt.dll
Package:
System.IdentityModel.Tokens.Jwt v8.1.2

Overloads

CreateEncodedJwt(SecurityTokenDescriptor)

Returns a Json Web Token (JWT).
CreateEncodedJwt(String, String, ClaimsIdentity, Nullable<DateTime>, Nullable<DateTime>, Nullable<DateTime>, SigningCredentials)

Creates a JWT in 'Compact Serialization Format'.
CreateEncodedJwt(String, String, ClaimsIdentity, Nullable<DateTime>, Nullable<DateTime>, Nullable<DateTime>, SigningCredentials, EncryptingCredentials)

Creates a JWT in 'Compact Serialization Format'.
CreateEncodedJwt(String, String, ClaimsIdentity, Nullable<DateTime>, Nullable<DateTime>, Nullable<DateTime>, SigningCredentials, EncryptingCredentials, IDictionary<String,Object>)

Creates a JWT in 'Compact Serialization Format'.

CreateEncodedJwt(SecurityTokenDescriptor)

Returns a Json Web Token (JWT).

public virtual string CreateEncodedJwt (Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor tokenDescriptor);
abstract member CreateEncodedJwt : Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor -> string
override this.CreateEncodedJwt : Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor -> string
Public Overridable Function CreateEncodedJwt (tokenDescriptor As SecurityTokenDescriptor) As String

Parameters

tokenDescriptor
SecurityTokenDescriptor

A SecurityTokenDescriptor that contains details of contents of the token.

Returns

String

Remarks

A JWS and JWE can be returned.

If EncryptingCredentialsis provided, then a JWE will be created.

If SigningCredentials is provided then a JWS will be created.

If both are provided then a JWE with an embedded JWS will be created.

Applies to

CreateEncodedJwt(String, String, ClaimsIdentity, Nullable<DateTime>, Nullable<DateTime>, Nullable<DateTime>, SigningCredentials)

Creates a JWT in 'Compact Serialization Format'.

public virtual string CreateEncodedJwt (string issuer, string audience, System.Security.Claims.ClaimsIdentity subject, DateTime? notBefore, DateTime? expires, DateTime? issuedAt, Microsoft.IdentityModel.Tokens.SigningCredentials signingCredentials);
abstract member CreateEncodedJwt : string * string * System.Security.Claims.ClaimsIdentity * Nullable<DateTime> * Nullable<DateTime> * Nullable<DateTime> * Microsoft.IdentityModel.Tokens.SigningCredentials -> string
override this.CreateEncodedJwt : string * string * System.Security.Claims.ClaimsIdentity * Nullable<DateTime> * Nullable<DateTime> * Nullable<DateTime> * Microsoft.IdentityModel.Tokens.SigningCredentials -> string
Public Overridable Function CreateEncodedJwt (issuer As String, audience As String, subject As ClaimsIdentity, notBefore As Nullable(Of DateTime), expires As Nullable(Of DateTime), issuedAt As Nullable(Of DateTime), signingCredentials As SigningCredentials) As String

Parameters

issuer
String

The issuer of the token.

audience
String

The audience for this token.

subject
ClaimsIdentity

The source of the Claim(s) for this token.

notBefore
Nullable<DateTime>

The notbefore time for this token.

expires
Nullable<DateTime>

The expiration time for this token.

issuedAt
Nullable<DateTime>

The issue time for this token.

signingCredentials
SigningCredentials

Contains cryptographic material for generating a signature.

Returns

String

A Base64UrlEncoded string in 'Compact Serialization Format'.

Remarks

If Actor is not null, then a claim { actort, 'value' } will be added to the payload. See CreateActorValue(ClaimsIdentity) for details on how the value is created.

See for details on how the HeaderParameters are added to the header.

See for details on how the values are added to the payload.

Each Claim in the subject will map Type by applying OutboundClaimTypeMap. Modifying OutboundClaimTypeMap could change the outbound JWT.

If SigningCredentials is provided, then a JWS will be created.

Applies to

CreateEncodedJwt(String, String, ClaimsIdentity, Nullable<DateTime>, Nullable<DateTime>, Nullable<DateTime>, SigningCredentials, EncryptingCredentials)

Creates a JWT in 'Compact Serialization Format'.

public virtual string CreateEncodedJwt (string issuer, string audience, System.Security.Claims.ClaimsIdentity subject, DateTime? notBefore, DateTime? expires, DateTime? issuedAt, Microsoft.IdentityModel.Tokens.SigningCredentials signingCredentials, Microsoft.IdentityModel.Tokens.EncryptingCredentials encryptingCredentials);
abstract member CreateEncodedJwt : string * string * System.Security.Claims.ClaimsIdentity * Nullable<DateTime> * Nullable<DateTime> * Nullable<DateTime> * Microsoft.IdentityModel.Tokens.SigningCredentials * Microsoft.IdentityModel.Tokens.EncryptingCredentials -> string
override this.CreateEncodedJwt : string * string * System.Security.Claims.ClaimsIdentity * Nullable<DateTime> * Nullable<DateTime> * Nullable<DateTime> * Microsoft.IdentityModel.Tokens.SigningCredentials * Microsoft.IdentityModel.Tokens.EncryptingCredentials -> string
Public Overridable Function CreateEncodedJwt (issuer As String, audience As String, subject As ClaimsIdentity, notBefore As Nullable(Of DateTime), expires As Nullable(Of DateTime), issuedAt As Nullable(Of DateTime), signingCredentials As SigningCredentials, encryptingCredentials As EncryptingCredentials) As String

Parameters

issuer
String

The issuer of the token.

audience
String

The audience for this token.

subject
ClaimsIdentity

The source of the Claim(s) for this token.

notBefore
Nullable<DateTime>

Translated into 'epoch time' and assigned to 'nbf'.

expires
Nullable<DateTime>

Translated into 'epoch time' and assigned to 'exp'.

issuedAt
Nullable<DateTime>

Translated into 'epoch time' and assigned to 'iat'.

signingCredentials
SigningCredentials

Contains cryptographic material for signing.

encryptingCredentials
EncryptingCredentials

Contains cryptographic material for encrypting.

Returns

String

A Base64UrlEncoded string in 'Compact Serialization Format'.

Exceptions

ArgumentException

If 'expires' <= 'notBefore'.

Remarks

If Actor is not null, then a claim { actort, 'value' } will be added to the payload. CreateActorValue(ClaimsIdentity) for details on how the value is created.

See for details on how the HeaderParameters are added to the header.

See for details on how the values are added to the payload.

Each Claim in the subject will map Type by applying OutboundClaimTypeMap. Modifying OutboundClaimTypeMap could change the outbound JWT.

Applies to

CreateEncodedJwt(String, String, ClaimsIdentity, Nullable<DateTime>, Nullable<DateTime>, Nullable<DateTime>, SigningCredentials, EncryptingCredentials, IDictionary<String,Object>)

Creates a JWT in 'Compact Serialization Format'.

public virtual string CreateEncodedJwt (string issuer, string audience, System.Security.Claims.ClaimsIdentity subject, DateTime? notBefore, DateTime? expires, DateTime? issuedAt, Microsoft.IdentityModel.Tokens.SigningCredentials signingCredentials, Microsoft.IdentityModel.Tokens.EncryptingCredentials encryptingCredentials, System.Collections.Generic.IDictionary<string,object> claimCollection);
abstract member CreateEncodedJwt : string * string * System.Security.Claims.ClaimsIdentity * Nullable<DateTime> * Nullable<DateTime> * Nullable<DateTime> * Microsoft.IdentityModel.Tokens.SigningCredentials * Microsoft.IdentityModel.Tokens.EncryptingCredentials * System.Collections.Generic.IDictionary<string, obj> -> string
override this.CreateEncodedJwt : string * string * System.Security.Claims.ClaimsIdentity * Nullable<DateTime> * Nullable<DateTime> * Nullable<DateTime> * Microsoft.IdentityModel.Tokens.SigningCredentials * Microsoft.IdentityModel.Tokens.EncryptingCredentials * System.Collections.Generic.IDictionary<string, obj> -> string
Public Overridable Function CreateEncodedJwt (issuer As String, audience As String, subject As ClaimsIdentity, notBefore As Nullable(Of DateTime), expires As Nullable(Of DateTime), issuedAt As Nullable(Of DateTime), signingCredentials As SigningCredentials, encryptingCredentials As EncryptingCredentials, claimCollection As IDictionary(Of String, Object)) As String

Parameters

issuer
String

The issuer of the token.

audience
String

The audience for this token.

subject
ClaimsIdentity

The source of the Claim(s) for this token.

notBefore
Nullable<DateTime>

Translated into 'epoch time' and assigned to 'nbf'.

expires
Nullable<DateTime>

Translated into 'epoch time' and assigned to 'exp'.

issuedAt
Nullable<DateTime>

Translated into 'epoch time' and assigned to 'iat'.

signingCredentials
SigningCredentials

Contains cryptographic material for signing.

encryptingCredentials
EncryptingCredentials

Contains cryptographic material for encrypting.

claimCollection
IDictionary<String,Object>

A collection of (key,value) pairs representing Claim(s) for this token.

Returns

String

A Base64UrlEncoded string in 'Compact Serialization Format'.

Exceptions

ArgumentException

If 'expires' <= 'notBefore'.

Remarks

If Actor is not null, then a claim { actort, 'value' } will be added to the payload. CreateActorValue(ClaimsIdentity) for details on how the value is created.

See for details on how the HeaderParameters are added to the header.

See for details on how the values are added to the payload.

Each Claim in the subject will map Type by applying OutboundClaimTypeMap. Modifying OutboundClaimTypeMap could change the outbound JWT.

Applies to