I need to generate and issue a token to clients based on username/password authentication. I've tried several approaches to solving this problem, but all of them have run into
AFAIK, you need a WSFederationBinding for this. Out of the box, this only supports SAML tokens. To have it support JWT tokens, you need to add a SecurityTokenHandler that is capable of handling it in the WIF pipeline. Unfortunately, the experimental handler from Microsoft is not that configuration-file friendly, so you need to subclass it to allow you to specify the properties in config. Alternatively, you can use the Thinktecture JWT handler, which is also not extremely easy to set up in config. Setting all of this up will take you quite some time, and I am not aware of any examples on the web that do this.