authorizationasp.net-web-api2owinbearer-tokenmachinekey

Web Api Token Expiration Error

I'm junior in Web api development. I have implemented token-based authentication to my web api project. I have set token expire time with 14 days. 

OAuthOptions = new OAuthAuthorizationServerOptions
        {
            TokenEndpointPath = new PathString("/Token"),
            AccessTokenExpireTimeSpan = TimeSpan.FromDays(14),
            AllowInsecureHttp = true,
            Provider = new AuthorizationServerProvider()
        };

The application host in a web host. Even token expire time is 14 days. After some minutes, I send request with token, the response come with unauthorized status code.

I have search about the problem. The problem could be about machine key in ISS.

The following questions , Could you answer? I really wonder them.

  1. Do the tokens encoded or decoded by the machine key in ISS ?
  2. How can I get the machine key ?
  3. Is it safe way that writing the machine key in web.config file?

How can I solve the problem ? Could anyone help me about it ?

Thanks for your kind interest. Best Regards.

Solution

  • You can take machine key in IIS. You have to add machine key under system.web tag in your web.config file.