I'm trying to implement the JWT Bearer Authentication in my AspNetCore MVC app (Web API only) using the JwtBearerMiddleware but am getting a 401
response with header:
WWW-Authenticate: Bearer error="invalid_token", error_description="The signature key was not found"
The relevant code in Startup.cs looks like this:
app.UseJwtBearerAuthentication(new JwtBearerOptions
{
Authority = "https://example.okta.com",
Audience = "myClientId"
});
With the Authority URL I'd expect the middleware to query my Identity Provider metadata from https://example.okta.com/.well-known/openid-configuration
to get the jwks_uri
to then get the signature keys from https://example.okta.com/oauth2/v1/keys
. I don't think this is happening. What do I need to do to get it to find and use the signature keys? Thanks