How does the Resource Server (ASP.NET MVC 5 site) validate the bearer token RRS feed

  • Question

  • User-1939321229 posted

    I am developing a MVC 5 site that is dependant on Google for authentication.  I understand that the bearer token approach is used by ASP.NET for this purpose.  My question is

    How (what mechanism) does the framework (ASP.NET) use to validate that the bearer token is valid and not just some randomly generated characters?

    Saturday, May 3, 2014 10:30 AM


  • User1779161005 posted

    The token is signed by the issuer (authorization server) and the resource server trusts the issuer (by using either a shard key or the public key).

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Saturday, May 3, 2014 10:35 AM