I am using Thinktecture IdentityServer v2; the Relying Party token type is set to none. The code runs fine with this setting.
I am looking to use JWT tokens so I have a common interface from my MVC app to the API, and also from phone/tab app clients to the API.
When I set the token type to JWT, I sign in on IdentityServer and then it throws the following error:
ID4014: A SecurityTokenHandler is not registered to read security token ('BinarySecurityToken', 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd').
I created a standard MVC app and had set the Authentication to Organizational Accounts -> On premise, and had set On-Premises Authority to the IdentityServer metadata URL.
I plan to call WCF from the MVC app (and perhaps even JavaScript code on other platforms).
So far I have installed the specific JWT handler with Update-Package System.IdentityModel.Tokens.Jwt -Version 3.0.2 (v4.0.0 apparently has an issue with Thinktecture IdentityServer v2) and then set the web.config to include:
However, I then get a new exception when logging in:
Jwt10315: Signature validation failed. Keys tried: 'No non-null SecurityKeys were found'.
jwt: '{"typ":"JWT","alg":"RS256","x5t":"_rKoogN25ibGWZGC94xaed9g7FE"}.{"iss":"http://identityserver.v2.thinktecture.com/test","aud":"https://localhost:44302/","nbf":1419269158,"exp":1419305158,"nameid":"user","unique_name":"user","authmethod":"http://schemas.microsoft.com/ws/2008/06/identity/authenticationmethod/password","auth_time":"2014-12-22T17:21:43.655Z"}'
How can I set up the MVC app so it can consume JWT tokens?
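For the Jwt10315 error quoted in the question: the x5t value in the token header is the base64url-encoded SHA-1 thumbprint of the signing certificate, so it identifies the certificate the relying party needs a key for. The following is an added example, not part of the original post or of IdentityServer; it converts x5t to the hex thumbprint Windows displays and checks it against a list of configured thumbprints, which is an assumption supplied by the caller.

```python
import base64
import hashlib
import json

# Header exactly as printed in the Jwt10315 message on this page.
JWT_HEADER = '{"typ":"JWT","alg":"RS256","x5t":"_rKoogN25ibGWZGC94xaed9g7FE"}'


def b64url_decode(value):
    """Decode base64url text that has had its '=' padding stripped."""
    return base64.urlsafe_b64decode(value + "=" * (-len(value) % 4))


def x5t_to_thumbprint(x5t):
    """Turn a JWT 'x5t' value into the hex SHA-1 thumbprint Windows displays."""
    digest = b64url_decode(x5t)
    if len(digest) != 20:
        raise ValueError("x5t must decode to a 20-byte SHA-1 digest")
    return digest.hex().upper()


def cert_to_x5t(der_cert):
    """Reverse direction: compute 'x5t' from a DER-encoded certificate."""
    digest = hashlib.sha1(der_cert).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")


def normalize_thumbprint(text):
    """Keep hex digits only: drops spaces, colons and the invisible U+200E
    mark that often comes along when a thumbprint is copied from the
    Windows certificate dialog."""
    return "".join(c for c in text if c in "0123456789abcdefABCDEF").upper()


def signing_cert_is_configured(header_json, configured):
    """True when the token's signing certificate is among the thumbprints
    the relying party has been configured with (caller-supplied list)."""
    header = json.loads(header_json)
    if header.get("alg") != "RS256" or "x5t" not in header:
        raise ValueError("expected an RS256 token that names its cert in x5t")
    wanted = x5t_to_thumbprint(header["x5t"])
    return wanted in {normalize_thumbprint(t) for t in configured}


if __name__ == "__main__":
    print("Signing certificate thumbprint:",
          x5t_to_thumbprint(json.loads(JWT_HEADER)["x5t"]))
```

If the thumbprint printed here does not match a certificate the relying party is configured with, the handler has no key to try for this token.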
Why do you want to use JWT? Especially when you want to call WCF at some later point - JWT is the wrong choice. WCF works best with SAML tokens.