Bearer token auth 401 from angular application but not from Postman

2
votes

I have an API running asp.net core using jwt bearer token authentication. The authentication scheme seems to be working perfectly when I hit the API through Postman providing the Authorization header with my requests.

When I hit the API from my angular application, I get a 200 on the pre-flight request and then a 401 on the actual request.

The WWW-Authenticate message says: 

Bearer error="invalid_token", error_description="The token is expired"

However, when I copy the bearer token out from my request from the angular application, and use that same token in a request from Postman, it works fine and I get my data back.

I'm sure I'm doing something stupid. But sometimes it will work just fine from the angular app, then sometimes when I run it, it will not work at all.

Any ideas are appreciated.

1
angularjsauthenticationasp.net-corepostman
Weird..and you are certain JWT token Expiration is long enough to stay valid between these tests ? How do you store and send the token on the angular side ? - Searching
@Searching, the token expiration is set to 30 minutes so it should be plenty long. ON the angular side, the token is stored in local storage and then added to an Authorization header via an http interceptor. - big_water

1 Answers

1
votes

I had same problem and I solved it.

When I pass token from angular localStorage to Headers it added double quotation and so this was incorrect.

I changed this Authorization: Bearer "token " to Authorization: Bearer token without double quotation and everything is fine now.