Afrisys.JwtAuthentication.AspNetCore
1.0.0
See the version list below for details.
dotnet add package Afrisys.JwtAuthentication.AspNetCore --version 1.0.0
NuGet\Install-Package Afrisys.JwtAuthentication.AspNetCore -Version 1.0.0
<PackageReference Include="Afrisys.JwtAuthentication.AspNetCore" Version="1.0.0" />
<PackageVersion Include="Afrisys.JwtAuthentication.AspNetCore" Version="1.0.0" />
<PackageReference Include="Afrisys.JwtAuthentication.AspNetCore" />
paket add Afrisys.JwtAuthentication.AspNetCore --version 1.0.0
#r "nuget: Afrisys.JwtAuthentication.AspNetCore, 1.0.0"
#:package Afrisys.JwtAuthentication.AspNetCore@1.0.0
#addin nuget:?package=Afrisys.JwtAuthentication.AspNetCore&version=1.0.0
#tool nuget:?package=Afrisys.JwtAuthentication.AspNetCore&version=1.0.0
Afrisys.JwtAuthKit
A lightweight JWT authentication and API authorization library for ASP.NET Core.
Designed to simplify secure microservice communication using JWT Audience-based isolation, without complex policy or IdentityServer configuration.
๐ Why This Exists
Modern microservice systems often struggle with:
- Overly complex authentication configuration per service
- Weak service-to-service isolation
- Repeated JWT setup across APIs
- Difficult-to-maintain authorization rules
Afrisys.JwtAuthKit solves this by enforcing a simple principle:
JWT Audience defines API access boundaries
Each API only accepts tokens explicitly intended for it.
โจ Features
- Minimal setup (single-line configuration)
- Automatic JWT Audience validation
- Works with any JWT provider (Duende, Auth0, Keycloak, Azure AD, etc.)
- Lightweight with zero unnecessary dependencies
- Compatible with Controllers and Minimal APIs
- Clean separation of authentication and authorization logic
โก Quick Start
1. Install Package
dotnet add package Afrisys.JwtAuthKit
2. Configure appsettings.json
{
"Auth": {
"Authority": "https://your-identity-server.com",
"Audience": "plumbing-api"
}
}
3. Register in Program.cs
using Afrisys.JwtAuthKit;
var builder = WebApplication.CreateBuilder(args);
builder.Services.AddAuthKit(builder.Configuration);
var app = builder.Build();
app.UseAuthentication();
app.UseAuthorization();
app.MapControllers();
app.Run();
4. Secure Your API
[Authorize]
[ApiController]
[Route("api/[controller]")]
public class PlumbingController : ControllerBase
{
[HttpGet]
public IActionResult Get()
{
return Ok("Secure data accessed successfully.");
}
}
๐ How It Works
- Identity Provider issues a JWT token with an
aud(audience) claim - Each microservice defines its expected audience
- The library validates:
- Token signature
- Issuer (Authority)
- Audience match
- If audience mismatch โ request is rejected (401 Unauthorized)
๐งญ Audience Mapping Example
| API Service | Expected Audience |
|---|---|
| Plumbing API | plumbing-api |
| Ecommerce API | ecommerce-api |
| Notification Service | notification-service |
๐งช Example Token Request (Client Credentials)
curl --location 'https://your-identity-server.com/connect/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'client_id=plumbing-api' \
--data-urlencode 'client_secret=your-secret' \
--data-urlencode 'grant_type=client_credentials'
Response
{
"access_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9...",
"token_type": "Bearer",
"expires_in": 3600
}
๐๏ธ Architecture Overview
Client / Service
โ
Identity Provider (JWT Issuance)
โ
Afrisys.JwtAuthKit (Validation Layer)
โ
Protected API Resource
โ๏ธ Requirements
- .NET 8 or later
- ASP.NET Core Web API
- Any JWT-compatible Identity Provider
๐ License
MIT License
โค๏ธ Built For
Developers building secure, scalable, and clean microservice architectures.
| Product | Versions Compatible and additional computed target framework versions. |
|---|---|
| .NET | net10.0 is compatible. net10.0-android was computed. net10.0-browser was computed. net10.0-ios was computed. net10.0-maccatalyst was computed. net10.0-macos was computed. net10.0-tvos was computed. net10.0-windows was computed. |
-
net10.0
- Microsoft.AspNetCore.Authentication.JwtBearer (>= 10.0.7)
- Microsoft.IdentityModel.Tokens (>= 8.17.0)
NuGet packages
This package is not used by any NuGet packages.
GitHub repositories
This package is not used by any popular GitHub repositories.