Overview of ASP.NET Core Authentication

Authentication is the process of determining a user's identity. Authorization is the process of determining whether a user has access to a resource.

Authentication schemes are specified by registering authentication services in Startup.ConfigureServices: We chose to use JwtBearerDefaults.AuthenticationScheme.

An authentication challenge is invoked by Authorization when an unauthenticated user requests an endpoint that requires authentication.


  • https://docs.microsoft.com/en-us/aspnet/core/security/authentication/?view=aspnetcore-5.0
  • https://docs.microsoft.com/en-us/aspnet/core/fundamentals/startup?view=aspnetcore-5.0

I finished! On to the next chapter