This project has moved and is read-only. For the latest updates, please go here.

How do I un-protect an access token?

Aug 20, 2014 at 10:58 AM
I am looking for the correct way to Unprotect an access token after it has been passed to another trusted (MVC5) Web application from the Web API. I got as far as this (in the MVC application):
IDataProtector dataProtecter = Startup.DataProtectionProvider.Create("Microsoft.Owin.Security.OAuth.OAuthAuthorizationServerMiddleware", "Access_Token", "v1");
TicketDataFormat ticketDataFormat = new TicketDataFormat(dataProtecter);
AuthenticationTicket ticket = ticketDataFormat.Unprotect(response.Result.AccessToken);
But this returns nothing; My original more detailed question is here.

But basically I can't find any good examples of using JWT with basic authentication to return a non-private claim so I am resorting to trying to decrypt the access token instead whcih contains the claim set on my API.

Any help / suggestions appreciated.