Endatix JWT Customization
The built-in Endatix JWT provider offers secure, stateless authentication with full customization options. This guide shows you how to configure and customize JWT authentication for your specific needs.
Overview
The Endatix JWT provider is automatically included and provides:
- Stateless Authentication: No server-side session storage required
- Secure Token Handling: Server-side only, never exposed to client
- Automatic Integration: Seamless communication between Hub and API
- Flexible Configuration: Customizable token lifetimes and validation
Basic Configuration
EndatixAPI Configuration (appsettings.json)
- Development
- Production
// appsettings.Development.json
{
"Endatix": {
"Auth": {
"Providers": {
"EndatixJwt": {
"Enabled": true,
"SigningKey": "L2yGC_Vpd3k#L[<9Zb,h?.HT:n'T/5CTDmBpDskU?NAaT$sLfRU",
"AccessExpiryInMinutes": 900,
"RefreshExpiryInDays": 7,
"Issuer": "https://localhost:5001"
}
}
}
}
}
// appsettings.json
{
"Endatix": {
"Auth": {
"Providers": {
"EndatixJwt": {
"Enabled": true,
"SigningKey": "{JWT_SIGNING_KEY_SECRET}",
"AccessExpiryInMinutes": 15,
"RefreshExpiryInDays": 30,
"Issuer": "https://api.yourdomain.com"
}
}
}
}
}
Endatix Hub Configuration
The Endatix JWT provider is automatically registered - no additional setup required. Below is the default configuration in the .env file:
# .env
# You can generate a secure AUTH_SECRET key using `npx auth secret` from the root of the Endatix Hub project
AUTH_SECRET=QKYuOMS2deIInJt9q6WNmWwuh9QtL7BPKKQfTG/KI48=
# Needed for production deployment to ensure the authentication works correctly under reverse proxy - https://authjs.dev/getting-started/deployment
AUTH_TRUST_HOST=true