uprashanth
uprashanth
PostsComments
KKinde
Created by LIFE on 12/6/2023 in #💻┃support
Resolving auth in back-end (.NET) with token retrieved from front-end (React)
No description
49 replies
KKinde
Created by LIFE on 12/6/2023 in #💻┃support
Resolving auth in back-end (.NET) with token retrieved from front-end (React)
@skywalker-kiwi#02131 Here is the code which works for me. Backend code: 
builder.Services.AddAuthentication(options =>
{
    options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
    options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;

})
 .AddJwtBearer(options =>
 {
    options.SaveToken = true;
    options.Authority = @"https://youdomain.kinde.com";
    options.Audience = @"https://youdomain.kinde.com/api";
    options.MapInboundClaims = false;
    options.TokenValidationParameters.NameClaimType = "sub";
    options.TokenValidationParameters = new TokenValidationParameters
    {
        ValidateIssuer = true,
        ValidateAudience = true,
        ValidateLifetime = true,
        ValidateIssuerSigningKey = true,
        ValidIssuer = "https://youdomain.kinde.com",
        ValidAudience = "https://youdomain.kinde.com/api",
        IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("key"))
    };
 });
builder.Services.AddAuthentication(options =>
{
    options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
    options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;

})
 .AddJwtBearer(options =>
 {
    options.SaveToken = true;
    options.Authority = @"https://youdomain.kinde.com";
    options.Audience = @"https://youdomain.kinde.com/api";
    options.MapInboundClaims = false;
    options.TokenValidationParameters.NameClaimType = "sub";
    options.TokenValidationParameters = new TokenValidationParameters
    {
        ValidateIssuer = true,
        ValidateAudience = true,
        ValidateLifetime = true,
        ValidateIssuerSigningKey = true,
        ValidIssuer = "https://youdomain.kinde.com",
        ValidAudience = "https://youdomain.kinde.com/api",
        IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("key"))
    };
 });
To send audience in token add the following in your React app: 
<KindeProvider
  clientId={import.meta.env.VITE_KINDE_CLIENT_ID}
  domain={import.meta.env.VITE_KINDE_DOMAIN}
  logoutUri={import.meta.env.VITE_KINDE_LOGOUT_URL}
  redirectUri={import.meta.env.VITE_KINDE_REDIRECT_URL}
  audience={import.meta.env.VITE_KINDE_AUDIENCE} // <-- Add this line
>
  <App />
</KindeProvider>
<KindeProvider
  clientId={import.meta.env.VITE_KINDE_CLIENT_ID}
  domain={import.meta.env.VITE_KINDE_DOMAIN}
  logoutUri={import.meta.env.VITE_KINDE_LOGOUT_URL}
  redirectUri={import.meta.env.VITE_KINDE_REDIRECT_URL}
  audience={import.meta.env.VITE_KINDE_AUDIENCE} // <-- Add this line
>
  <App />
</KindeProvider>
In the .env file: 
VITE_KINDE_AUDIENCE=https://youdomain.kinde.com/api
VITE_KINDE_AUDIENCE=https://youdomain.kinde.com/api
49 replies