public JsonResult CheckAADJWT(string token, string tenantId, string clientId) { var stsDiscoveryEndpoint = $"https://login.microsoftonline.com/{tenantId}/v2.0/.well-known/openid-configuration"; var signingKeys = _verifyService.GetSigningKeys(stsDiscoveryEndpoint, token, tenantId, clientId); if (signingKeys == null) { return(new JsonResult(new { status = false, msg = $"Token validation failed. You can try it later." })); } var isValidity = _verifyService.ValidateAADJWT(token, tenantId, stsDiscoveryEndpoint, signingKeys, false); if (isValidity) { // token is valid if (!_verifyService.ValidateJWTExpirationTime(_verifyService.GetClaim(token, "exp"), 0)) { // token is expired return(new JsonResult(new { status = false, msg = $"Token is expired." })); } // token is valid and not expired return(new JsonResult(new { status = true, msg = "Token is valid." })); } return(new JsonResult(new { status = false, msg = $"Token validation failed." })); }