private void configIdentity(IServiceCollection services, IConfigurationSection appSettings) { services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme).AddJwtBearer(options => { options.RequireHttpsMetadata = false; options.SaveToken = true; var issuer = appSettings["Issuer"]; var audience = appSettings["Audience"]; var secret = appSettings["Secret"]; options.TokenValidationParameters = new TokenValidationParameters { ValidateIssuer = true, ValidateAudience = true, ValidateLifetime = true, ValidIssuer = issuer, ValidAudience = audience, IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secret)), ClockSkew = TimeSpan.Zero }; }); services.AddHttpContextAccessor(); services.AddAuthorization(config => { Policy.AddPolicies(config); }); }