public async Task <string> GenerateTokenAsync(IEnumerable <string> permissionNames) { IEnumerable <PermissionClaim> permissionClaims = await permissionHelper.BuildClaimsAsync(permissionNames.Select(x => x.Trim()).Distinct()); List <Claim> tokenClaims = new AuthTokenClaimsBuilder(user: await currentUserService.GetCurrentUserAsync()) .Build() .ToList(); tokenClaims.AddRange(permissionClaims.Select(x => (Claim)x)); // explicit conversion operator var tokenDesciptor = new SecurityTokenDescriptor() { Subject = new ClaimsIdentity(tokenClaims), Audience = jwtOptions.Audience, Issuer = jwtOptions.Issuer, SigningCredentials = new SigningCredentials(key: new SymmetricSecurityKey(jwtOptions.GetSecretBytes()), algorithm: SecurityAlgorithms.HmacSha256) }; var jwtTokenHandler = new JwtSecurityTokenHandler(); SecurityToken securityToken = jwtTokenHandler.CreateToken(tokenDesciptor); string accessToken = jwtTokenHandler.WriteToken(securityToken); return(accessToken); }