What is the difference between 'Authenticate' and 'Authorize' modes?

'Authenticate' mode requires only a valid JWT to access the API, while 'Authorize' mode requires both a valid token and specific Keycloak RPT permissions.

Does this skill help with claims management?

Yes, it automatically enriches user identities with standard JWT claims, aggregated roles, and RPT permissions when using Authorization mode.

What authentication providers are supported?

While optimized for Keycloak integration, the skill configures standard JWT Bearer validation compatible with most OIDC-compliant identity providers.

How do I handle multiple permissions in my controllers?

You can use the Authorize attribute with comma-separated policies; the system will grant access if any of the specified permissions match.

JWT Bearer Authentication for affolterNET

Name: JWT Bearer Authentication for affolterNET
Author: Mcafee123

byMcafee123

0•

API Development

Configures secure JWT Bearer authentication and Keycloak integration for .NET Web APIs using the affolterNET framework.

The jwt-auth skill streamlines the implementation of identity management and access control within affolterNET.Web.Api projects. It provides a standardized way to configure OIDC providers like Keycloak, supporting multiple authentication modes ranging from basic token validation to complex RPT-based permission checks. By automating the setup of claims enrichment and policy-based authorization, this skill ensures that developers can quickly secure their backend services using industry-standard security patterns and robust integration logic.

Key Features

01Configurable authentication modes (None, Authenticate, Authorize)

02Automatic claims enrichment and role aggregation

03Seamless Keycloak OIDC integration

04Policy-based authorization with Keycloak RPT permissions

05Standardized configuration for appsettings.json and Program.cs

060 GitHub stars

Use Cases

01Implementing fine-grained resource permissions using RPT tokens

02Setting up standardized JWT validation for microservices

03Securing a .NET Web API with Keycloak identity management

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add mcafee123/affolternet.web jwt-auth

For use in Claude.ai and ChatGPT

Download Skill