JWT Plugin Setup

We’re trying to set up ServiceStack authentication to use the JWT Auth Provider Plugin. We would like to use an organizational WSO2 identity server. Based on the documentation, we are unsure how to reference it. We have the necessary URL from our administrator, as well as the API consumer key and secret key combined for the API key (which we can set below as AuthKeyBase64). How would we set up this type of scenario?

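    // Register the auth feature with the JWT provider
    Plugins.Add(new AuthFeature(
        () => new AuthUserSession(),
        new IAuthProvider[] {
            new JwtAuthProvider(AppSettings)
        }));

    // Provider configured with the key read from app settings
    new JwtAuthProvider(AppSettings)
    {
        AuthKeyBase64 = AppSettings.GetString("AuthKeyBase64")
    };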

If you want to use a different Identity Server you would be creating your own custom Auth Provider, not using the existing JWT Auth Provider, which issues Tokens and knows how to populate a Session from its own JWTs it issues. A custom Identity Server isn’t going to populate its JWTs with the same contents the JWT Auth Provider expects.

In terms of architecture, if you have an external Identity Server issuing its own tokens you’ll only need a JWT Reader that just validates the JWT Token (i.e. doesn’t need to issue them), similar to the Stateless Auth Microservices example.

You may be able to use a lot of the existing JwtAuthProviderReader implementation in your Custom AuthProvider to parse the JWT; the important part is in the PreAuthenticate() method, which validates the JWT with the configured keys:

Then if the JWT is valid you can populate a Session by creating an AuthUserSession from the JWT Contents, which you can assign to IRequest.Items[Keywords.Session] to authenticate the request:
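
The validate-then-populate flow described in the answer above, as an added example that is not part of the original posts and is not ServiceStack's own code. It uses only the .NET base class library (.NET Core 3.0 or later) and assumes the identity server signs with HS256 using a shared key; an RS256 issuer would be verified with its public key instead. The class name, issuer URL, key and token are constructed for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Cryptography;
using System.Text;
using System.Text.Json;

public static class ExternalJwtReader
{
    static string ToB64Url(byte[] b) => Convert.ToBase64String(b).TrimEnd('=').Replace('+', '-').Replace('/', '_');
    static byte[] FromB64Url(string s)
    {
        s = s.Replace('-', '+').Replace('_', '/');
        return Convert.FromBase64String(s.PadRight(s.Length + (4 - s.Length % 4) % 4, '='));
    }
    // Returns the verified claims, or null when the token must be rejected.
    public static Dictionary<string, JsonElement> Validate(string jwt, byte[] key, string issuer, DateTimeOffset now)
    {
        var parts = jwt.Split('.');
        if (parts.Length != 3) return null;
        try
        {
            // Pin the algorithm so the token cannot select "none" or another scheme.
            var header = JsonSerializer.Deserialize<Dictionary<string, JsonElement>>(FromB64Url(parts[0]));
            if (header == null || !header.TryGetValue("alg", out var alg) || alg.GetString() != "HS256") return null;
            // Recompute the signature over "header.payload" and compare in constant time.
            using var hmac = new HMACSHA256(key);
            var expected = hmac.ComputeHash(Encoding.ASCII.GetBytes(parts[0] + "." + parts[1]));
            if (!CryptographicOperations.FixedTimeEquals(expected, FromB64Url(parts[2]))) return null;
            // Only after the signature checks out are the claims inspected.
            var claims = JsonSerializer.Deserialize<Dictionary<string, JsonElement>>(FromB64Url(parts[1]));
            if (claims == null || !claims.TryGetValue("exp", out var exp) || exp.GetInt64() <= now.ToUnixTimeSeconds()) return null;
            if (!claims.TryGetValue("iss", out var iss) || iss.GetString() != issuer) return null;
            return claims; // a custom provider would map these onto an AuthUserSession
        }
        // Malformed base64url, malformed JSON, or a claim of the wrong type: reject.
        catch (Exception e) when (e is FormatException || e is JsonException || e is InvalidOperationException) { return null; }
    }
    public static void Main()
    {
        var key = Encoding.UTF8.GetBytes("constructed-demo-key-not-a-real-secret"); // constructed sample key
        var signed = ToB64Url(Encoding.UTF8.GetBytes("{\"alg\":\"HS256\"}")) + "." +
            ToB64Url(Encoding.UTF8.GetBytes("{\"iss\":\"https://idp.example\",\"sub\":\"alice\",\"exp\":2000000000}"));
        using var hmac = new HMACSHA256(key);
        var jwt = signed + "." + ToB64Url(hmac.ComputeHash(Encoding.ASCII.GetBytes(signed)));
        var now = DateTimeOffset.FromUnixTimeSeconds(1900000000);
        Console.WriteLine(Validate(jwt, key, "https://idp.example", now)?["sub"].GetString());
        Console.WriteLine(Validate(jwt, key, "https://other.example", now) == null);
    }
}
```

In a custom provider, a non-null result is the point at which the session would be built from the claims and assigned to IRequest.Items[Keywords.Session], as the answer describes; a null result leaves the request unauthenticated.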