OAuth 2, JWT and ClaimsPrincipal

Nov 2, 2015 at 3:21 PM
I have a web site and web api project that are secured with OAuth2 using a AD B2C instance.

If I use the MS example project, everything works fine with the bearer token flowing down to the web api and being converted into a ClaimsPrincipal.

On my app though, the login and token acquisition works fine but when it arrives at the web api it doesn't get turned into a ClaimsPrincipal so as far as the api is concerned the caller is not authenticated.

Usual staring at the code as put a simpler test case in my project with the same (non)-result.

My question is how I can determine where the process is failing, is there some logging I can turn on or can I step into the OWIN processes etc to find out what it doesn't like?