Nedo.AspNet.Authentication.TokenManagement
2.0.2
There is a newer version of this package available.
See the version list below for details.
See the version list below for details.
dotnet add package Nedo.AspNet.Authentication.TokenManagement --version 2.0.2
NuGet\Install-Package Nedo.AspNet.Authentication.TokenManagement -Version 2.0.2
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.
<PackageReference Include="Nedo.AspNet.Authentication.TokenManagement" Version="2.0.2" />
For projects that support PackageReference, copy this XML node into the project file to reference the package.
<PackageVersion Include="Nedo.AspNet.Authentication.TokenManagement" Version="2.0.2" />
<PackageReference Include="Nedo.AspNet.Authentication.TokenManagement" />
For projects that support Central Package Management (CPM), copy this XML node into the solution Directory.Packages.props file to version the package.
paket add Nedo.AspNet.Authentication.TokenManagement --version 2.0.2
The NuGet Team does not provide support for this client. Please contact its maintainers for support.
#r "nuget: Nedo.AspNet.Authentication.TokenManagement, 2.0.2"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.
#:package Nedo.AspNet.Authentication.TokenManagement@2.0.2
#:package directive can be used in C# file-based apps starting in .NET 10 preview 4. Copy this into a .cs file before any lines of code to reference the package.
#addin nuget:?package=Nedo.AspNet.Authentication.TokenManagement&version=2.0.2
#tool nuget:?package=Nedo.AspNet.Authentication.TokenManagement&version=2.0.2
The NuGet Team does not provide support for this client. Please contact its maintainers for support.
Nedo.AspNet.Authentication.TokenManagement
Access-token forwarding + proactive refresh + client-credentials acquisition for service-to-service calls. Pair with HttpClientFactory so your downstream calls automatically pick up the right token without per-call boilerplate.
Install
dotnet add package Nedo.AspNet.Authentication.TokenManagement
What it does
ITokenManager— central token surface. Returns a fresh access token for a named client, refreshing transparently when the cached one is within theProactiveRefreshThreshold.ITokenStore— pluggable persistence (default: in-memory; swap forIDistributedCache/ Redis / EF for multi-instance hosts).AddTokenForwarding(clientName)—HttpClientintegration. Adds theAuthorization: Bearer …header on every outbound request to the named downstream API, refreshing as needed.
Quickstart — forward the caller's token to a downstream API
using Nedo.AspNet.Authentication.TokenManagement;
builder.Services.AddTokenManagement();
builder.Services
.AddHttpClient("downstream-api", c => c.BaseAddress = new("https://api.internal/"))
.AddTokenForwarding(); // injects Authorization header from the current request
// In a handler:
public class OrdersService(IHttpClientFactory factory)
{
public Task<HttpResponseMessage> GetAsync()
=> factory.CreateClient("downstream-api").GetAsync("/orders");
// ↳ outbound request carries the caller's bearer token automatically
}
Quickstart — client-credentials for unattended jobs
builder.Services.AddTokenManagement(opts =>
{
opts.AddClient("background-worker", c =>
{
c.Authority = "https://idp.example.com";
c.ClientId = "worker";
c.ClientSecret = builder.Configuration["Worker:Secret"];
c.Scope = "api.read api.write";
});
});
// In a job:
public class NightlyReport(ITokenManager tokens, IHttpClientFactory factory)
{
public async Task RunAsync(CancellationToken ct)
{
var token = await tokens.GetAccessTokenAsync("background-worker", ct);
var client = factory.CreateClient("downstream-api");
client.DefaultRequestHeaders.Authorization = new("Bearer", token);
// …
}
}
Why use this
- Proactive refresh — tokens within
ProactiveRefreshThresholdof expiry are refreshed before the next outbound call, avoiding the "401 → refresh → retry" round-trip on every request. - Single source of truth — one cache shared across
HttpClientinstances; no race-condition refresh storms. - No per-handler boilerplate — the
AddTokenForwarding()extension wires theDelegatingHandlerso domain code stays clean.
Docs
docs/06-token-management.md — full guide including ITokenStore swapping, multi-instance considerations, scope handling.
Related
| Package | Role |
|---|---|
Nedo.AspNet.Authentication |
Required peer — provides IAuthContext so the forwarding handler knows which token to forward. |
License
MIT — see LICENSE.
| Product | Versions Compatible and additional computed target framework versions. |
|---|---|
| .NET | net9.0 is compatible. net9.0-android was computed. net9.0-browser was computed. net9.0-ios was computed. net9.0-maccatalyst was computed. net9.0-macos was computed. net9.0-tvos was computed. net9.0-windows was computed. net10.0 was computed. net10.0-android was computed. net10.0-browser was computed. net10.0-ios was computed. net10.0-maccatalyst was computed. net10.0-macos was computed. net10.0-tvos was computed. net10.0-windows was computed. |
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.
-
net9.0
- Microsoft.AspNetCore.Authentication.JwtBearer (>= 9.0.0)
- Nedo.AspNet.Authentication (>= 2.0.2)
NuGet packages
This package is not used by any NuGet packages.
GitHub repositories
This package is not used by any popular GitHub repositories.