
Why does JWT Bearer in Postman always give unauthorized?


I am trying to use Bearer authentication in Postman, and I do have the correct token, but it gives me unauthorized.


In Program.cs I have:

    var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("shh...this is a secret!"));

    builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
        .AddJwtBearer(opt =>
        {
            opt.TokenValidationParameters = new TokenValidationParameters
            {
                ValidateIssuerSigningKey = true,
                ValidateIssuer = false,
                ValidateAudience = false,
                IssuerSigningKey = key
            };
        });

    app.UseCors(m => m.AllowAnyOrigin().AllowAnyHeader().AllowAnyMethod());

    app.UseAuthentication();

    app.UseAuthorization();

Is there anything I am missing?


Solution

  • I found the issue: it is the length of the secret key, which should be at least 16 characters long.

    var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("shh, this is a secret key that needs to be a liitle long enough for it to work!"));
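
A startup guard for the key-length problem discussed above, as an added example that is not code from the original post. It assumes the policy to enforce is the RFC 7518 section 3.2 minimum (an HMAC key at least as long as the hash output), which is not necessarily the check made by the library version used in the post; `JwtKeyGuard` and `Create` are hypothetical names, and the `Microsoft.IdentityModel.Tokens` package is required.

```csharp
using System;
using System.Collections.Generic;
using System.Text;
using Microsoft.IdentityModel.Tokens;

public static class JwtKeyGuard // hypothetical helper, not part of any library
{
    // Assumed policy: RFC 7518 section 3.2 minimum key size, in bytes, per HMAC algorithm.
    private static readonly Dictionary<string, int> MinKeyBytes = new()
    {
        [SecurityAlgorithms.HmacSha256] = 32,
        [SecurityAlgorithms.HmacSha384] = 48,
        [SecurityAlgorithms.HmacSha512] = 64,
    };

    // Builds the signing key, or fails loudly at startup instead of producing 401s later.
    public static SymmetricSecurityKey Create(string secret, string algorithm)
    {
        if (!MinKeyBytes.TryGetValue(algorithm, out var required))
            throw new ArgumentException($"Unsupported HMAC algorithm: {algorithm}", nameof(algorithm));

        // Length is measured in bytes after UTF-8 encoding, not in characters.
        var bytes = Encoding.UTF8.GetBytes(secret ?? string.Empty);
        if (bytes.Length < required)
            throw new InvalidOperationException(
                $"JWT signing key is {bytes.Length} bytes; {algorithm} needs at least {required}.");

        return new SymmetricSecurityKey(bytes);
    }

    public static void Main()
    {
        // The two secrets quoted on this page, checked against each algorithm.
        var secrets = new[]
        {
            "shh...this is a secret!",
            "shh, this is a secret key that needs to be a liitle long enough for it to work!",
        };
        foreach (var secret in secrets)
            foreach (var alg in MinKeyBytes.Keys)
            {
                try { Console.WriteLine($"{alg}: accepted, {Create(secret, alg).KeySize} bits"); }
                catch (InvalidOperationException ex) { Console.WriteLine($"{alg}: rejected ({ex.Message})"); }
            }
    }
}
```

In Program.cs the same call would replace the inline `new SymmetricSecurityKey(...)`, with the secret read from configuration or a secret store rather than a string literal, and with the same algorithm name that is used when the token is issued.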