Junior MVC

This integrates Identity with EF Core using the AspNetUsers, AspNetRoles, etc. tables. 🧾 3. What is claims-based authentication? Follow :

Claims-based authentication is based on claims β€” pieces of information about the user

(like email, role, or permissions).

Each user has a collection of claims represented as key-value pairs.

Example:

new Claim(ClaimTypes.Email, "user@example.com");

new Claim(ClaimTypes.Role, "Admin");

When a user logs in, these claims are stored in their authentication token or cookie β€” used

later for authorization.

πŸ”‘ 4. What are JWT tokens?

JWT (JSON Web Token) is a compact, URL-safe token used for stateless authentication in

APIs.

A JWT contains three parts:

Header.Payload.Signature

Example Payload:

"sub": "user123",

"email": "user@example.com",

"role": "Admin",

"exp": 1735196400

It’s signed (usually with HMAC-SHA256) so that the server can verify it hasn’t been

tampered with.

Follow :

πŸ”’ 5. How do you secure an API using JWT?

Install package:

dotnet add package Microsoft.AspNetCore.Authentication.JwtBearer

More from ASP.NET Core MVC Tutorial

All questions for this course