Token Refresh with Asp.NET Identity

Mahdi Karimipour
Jul 28, 2021


Step-by-step guide on how to refresh Asp.NET API JSON Web Tokens (JWT)

The Need

Every properly issued JWT (JSON Web Token) has an expiry date, generally within minutes of issuance. Once the expiry date has passed, the token becomes invalid and needs to be re-issued. If the token can't be renewed, the user needs to be redirected to the Login page to enter their credentials again. In this post, I will cover how to re-issue a new token based on an expired one.

By the way, this topic belongs to the series on setting up Authentication and Authorisation for the Asp.NET and React ecosystems.

  1. Asp.Net Core Web Api Setup
  2. React Single Page App Setup
  3. Asp.NET Identity DB Setup
  4. Email Sender
  5. Sign Up & Activation
  6. Check User Authentication Status
  7. Change Password
  8. Sign In
  9. Policy Based Access Management
  10. Token Refresh
  11. Google Authentication with React and Asp.NET API
  12. Microsoft Authentication with React and Asp.NET API
  13. Twitter Authentication with React and Asp.NET API

Asp.NET Identity comes with Token Validation Services. Whenever I generate a pair of AccessToken and RefreshToken at login time, I also save them to the database using the SetAuthenticationTokenAsync method of the Asp.NET Identity UserManager, like the code below:

Note

Configuring, plumbing and troubleshooting your software foundation take a considerable amount of time in your product development. Consider using Pellerex, which is a complete foundation for your enterprise software products, providing source-included Identity and Payment functions across UI (React), API (.NET), Pipeline (Azure DevOps) and Infrastructure (Kubernetes).

All I need to do to verify an already issued RefreshToken is to call the VerifyUserTokenAsync method of UserManager, pass the arguments, and get a validation response like below:

If the validation fails, the user needs to go to the Login page again and sign in. Otherwise, we generate a new pair of AccessToken and RefreshToken and return it to the user without the need to log in again.
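The save, verify and re-issue steps described above, as an added example that is not the author's original code. The class name, the `ExampleApi` and `RefreshToken` strings, and the comparison against the stored token are assumptions of this example; it also assumes `AddDefaultTokenProviders()` is registered, and leaves access-token creation out.

```csharp
using System.Security.Cryptography;
using System.Text;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Identity;

public class RefreshTokenService
{
    // Assumed names for this example; LoginProvider and TokenName are free-form store keys.
    private const string LoginProvider = "ExampleApi";
    private const string TokenName = "RefreshToken";
    private const string Purpose = "RefreshToken";
    // Token provider registered by AddDefaultTokenProviders().
    private static readonly string TokenProvider = TokenOptions.DefaultProvider;

    private readonly UserManager<IdentityUser> _users;
    public RefreshTokenService(UserManager<IdentityUser> users) => _users = users;

    // Login time: generate a refresh token and persist it against the user.
    public async Task<string> IssueAsync(IdentityUser user)
    {
        var token = await _users.GenerateUserTokenAsync(user, TokenProvider, Purpose);
        await _users.SetAuthenticationTokenAsync(user, LoginProvider, TokenName, token);
        return token;
    }

    // Refresh time: returns a new refresh token, or null when the user must sign in again.
    public async Task<string?> RotateAsync(string userId, string presented)
    {
        var user = await _users.FindByIdAsync(userId);
        if (user is null || string.IsNullOrEmpty(presented)) return null;

        // Provider check: issued for this user and purpose, and still within its lifespan.
        if (!await _users.VerifyUserTokenAsync(user, TokenProvider, Purpose, presented))
            return null;

        // Store check (added here): only the most recently saved token is accepted,
        // so a token that was already rotated out cannot be replayed.
        var stored = await _users.GetAuthenticationTokenAsync(user, LoginProvider, TokenName);
        if (stored is null || !CryptographicOperations.FixedTimeEquals(
                Encoding.UTF8.GetBytes(stored), Encoding.UTF8.GetBytes(presented)))
            return null;

        // Overwrites the stored value, invalidating the token just presented.
        return await IssueAsync(user);
    }
}
```

A null result from `RotateAsync` maps to the "go to the Login page" branch; a non-null result is the new RefreshToken to return alongside a fresh AccessToken.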

If you would like to read more about the last two methods, GetUserClaims and GenerateTokens, refer to my detailed post on SignIn with React and Asp.NET API.

Also, if you need to automate the Refresh Token process in your UI, refer to calling secured API in React using Axios.

Pellerex: Identity Foundation for Your Next Enterprise Software

How are you building your current software today? Do you build everything from scratch, or use a foundation to save on development time, budget and resources? For an enterprise software MVP, which might take 8–12 months with a small team, you might indeed spend 6 months on your foundation. Things like Identity, Payment, Infrastructure and DevOps all take time while contributing little to your actual product. These features are needed, but they are not your differentiators.

Pellerex does just that. It provides a foundation that saves you a lot of development time and effort at a fraction of the cost. It gives you source-included Identity, Payment, Infrastructure, and DevOps to build Web, API and Mobile apps, all integrated and ready to go on day 1.

Check out Pellerex and talk to our team today to start building your next enterprise software fast.
