Are bootstrap tokens, from the CurrentPrinciples IClaimsPrincle identities[0], encrypted? In particular if the original token was encrypted.
Thanx in advance, Michael
No - the session token (which holds the bootstrap token) gets generated from the IClaimsPrincipal - that's after decryption.
But the session token itself is encrypted by default.
