Cannot retrieve UserID when endpoint is not decorated with Authenticated attribute

I have an endpoint that does not require authentication but if the user has “logged in” (using a bearer token) I want to still get the user id.


public object Post(FooRequest request)
    var session = Request.GetSession();
    var id = session.UserAuthId.ConvertTo<int>();

Doesn’t return back the UserId.

Can you confirm that a JWT Bearer Token sent with the request? How is it sent? e.g. via Cookie / HTTP Header?

and does the IRequest.GetJwtToken() API return the token?

var jwt = Request.GetJwtToken();

Can you paste the JWT in and check that the “sub” is populated with the Users Id?

mythz - thanks so much for the response. This was total pilot error on my part as I was testing through Swagger / OpenAPI.

For completeness, if anyone runs into the same issue whilst testing with OpenApi, read the docs

In short, you have to prefix the jwt with "Bearer " when setting authorization:

Bearer ey........

or setup the OpenApi plugin as follows:

Plugins.Add(new OpenApiFeature
    UseBearerSecurity = true,

which will add the “Bearer” prefix for you.

1 Like