private string BuildToken() { var roles = new[] { "read:rental", "read:books" }; var claims = new[] { new Claim(ClaimTypes.Role, "read:rental"), new Claim(ClaimTypes.Role, "read:books") }; // get options var config = _configuration.GetSection("JwtIssuerOptions"); var configKey = config["JwtKey"]; var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(configKey)); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); var issuerKey = config["JwtIssuer"]; var token = new JwtSecurityToken(issuerKey, config["JwtIssuer"], claims, expires: DateTime.Now.AddMinutes(30), signingCredentials: creds); var jsonCompactSerializedString = new JwtSecurityTokenHandler().WriteToken(token); string encodedPayload = jsonCompactSerializedString.Split('.')[1]; string decodedPayload = Base64UrlDecode(encodedPayload); object jsonObject = JsonConvert.DeserializeObject(decodedPayload); string formattedPayload = JsonConvert.SerializeObject(jsonObject, Formatting.Indented); return(formattedPayload); }