I'm using ASP.NET Core Web API with two login parts one for normal and one for a database login works great and the database login works great but I can't store the username in existing JWT, so I can use in other stored procedures with the username that I use to login in database login?
I have already tried to add a new claim when I execute the stored procedure but it didn't also tried to store in header it didn't work.
Should I consider using two JWT or should I just try to update the existing one?
Should I consider using two JWT or should I just try to update the existing one?
If you want to update an existing JWT token without generating a new one, the JWT standard does not support modifying a token after it is issued because it would invalidate the signature. However, if you want to keep the existing claims and just update or add new ones without invalidating the token, you need to issue a new token with the updated claims.
Can i generate like two JWT tokens one for log in one for database is that okay or may i have issues
It would certainly introduces some complexity in managing and validating these tokens for example, keeping both tokens in sync and ensuring they are invalidated correctly can be challenging. However, you can have two tokens but not sure what additional issue it may cause.
Anyway, while it’s technically feasible to issue two separate JWT tokens, ensure that your application handles them appropriately. If the complexity becomes unmanageable, consider revisiting the single token approach with updated claims.
Note: Please refer this official document for additional information and clarity.