I am new to all of this so please bear with me if this is a silly question. I have so far figured out how to generate a JWT and validate it (created a little program while learning). I have also learnt how to create a web API (again created a little program which queries the database and shows in postman). What I am trying to accomplish is that we want to create API so our customers can create their own site/apps. we are using JWT so how would I tell all my controllers to first go off and validate the JWT coming in the URL. It will also be base64 encoded with the claims being encrypted. However I know what I need to do with all of that as I have been playing around. My issue is how do I tell a call to one of what will be many controllers to first go off and validated the token. I have looked online and it seems that a lot use OWIn which I do not have the luxury off.
So if anyone is interested (probably not judging by the lack of response) so attributes and using the authorization filter seems to do the trick, well while testing anyway.