I am looking for the correct way to Unprotect an access token after it has been passed to another trusted (MVC5) Web application from the Web API. I got as far as this (in the MVC application):
IDataProtector dataProtecter = Startup.DataProtectionProvider.Create("Microsoft.Owin.Security.OAuth.OAuthAuthorizationServerMiddleware", "Access_Token", "v1");
TicketDataFormat ticketDataFormat = new TicketDataFormat(dataProtecter);
AuthenticationTicket ticket = ticketDataFormat.Unprotect(response.Result.AccessToken);
But this returns nothing; My original more detailed question is
But basically I can't find any good examples of using JWT with basic authentication to return a non-private claim so I am resorting to trying to decrypt the access token instead whcih contains the claim set on my API.
Any help / suggestions appreciated.