public async Task <string> GenerateToken(AuthenticateResult auth) { var mySecret = await _kvService.GetStringSecret(_config["KeyVault:JWTKey"]); var mySecurityKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(mySecret)); var myIssuer = _config["JwtAuthentication:ValidAudience"]; var myAudience = _config["JwtAuthentication:ValidIssuer"]; var tokenHandler = new JwtSecurityTokenHandler(); var subject = auth.Principal.Identities.FirstOrDefault(); subject.AddClaim(new Claim("UserDBId", "123456", ClaimValueTypes.Integer)); subject.AddClaim(new Claim("", "", ClaimValueTypes.String)); var tokenDescriptor = new SecurityTokenDescriptor { Subject = subject, Expires = DateTime.UtcNow.AddDays(7), Issuer = myIssuer, Audience = myAudience, SigningCredentials = new SigningCredentials(mySecurityKey, SecurityAlgorithms.HmacSha256Signature) }; var token = tokenHandler.CreateToken(tokenDescriptor); return(tokenHandler.WriteToken(token)); }