public static void AddMsftJsonWebToken(this AuthenticationConfiguration configuration, string issuer, string audience, X509Certificate2 signingCertificate) { var validationParameters = new TokenValidationParameters() { AllowedAudience = audience, SigningToken = new X509SecurityToken(signingCertificate), ValidIssuer = issuer, ValidateExpiration = true }; var handler = new JWTSecurityTokenHandlerWrapper(validationParameters); configuration.AddMapping(new AuthenticationOptionMapping { TokenHandler = new SecurityTokenHandlerCollection { handler }, Options = AuthenticationOptions.ForAuthorizationHeader(JwtConstants.Bearer), Scheme = AuthenticationScheme.SchemeOnly(JwtConstants.Bearer) }); }