In my last post, I discussed how to setup JWT’s in ASP.NET Core 2. In this post, I’ll extend that example, adding the ability to refresh the JWT when it expires (i.e. refresh tokens). A refresh token will be returned with the JWT when the user logs in. And this new token will be used to refresh the JWT when it expires. We’ll simply create another middleware that handle’s the refresh token.
Continuing from my previous post, I’ll add refresh tokens to the application. The source code for this demo can be found here. Continue reading “Token Based Auth in ASP.NET Core 2 Part 2: Refresh Tokens”