public ClaimsPrincipal ValidateToken(string securityToken, TokenValidationParameters validationParameters, out SecurityToken validatedToken) { ClaimsPrincipal result = null; var principal = _tokenHandler.ValidateToken(securityToken, validationParameters, out validatedToken); Task.WaitAll(Task.Run(async() => { if (_httpContextAccessor.HttpContext != null) { var host = _httpContextAccessor.HttpContext.Request.Host.Value; var domain = UrlParser.GetSubDomain(host); var userId = principal.Claims.FirstOrDefault(c => c.Type == ClaimTypes.PrimarySid) ?.Value; var user = await _userService.GetUserByIdAndTenant(userId, domain); if (user != null) { result = principal; } } })); if (result == null) { throw new SecurityTokenValidationException(); } return(result); }