SignalR Token Renewal

[philip-reed]

Note
The access token function you provide is called before every HTTP request made by SignalR. If you need to renew the token in order to keep the connection active (because it may expire during the connection), do so from within this function and return the updated token.

Can this be elaborated on a little? How does the client know if the token needs to be renewed?
Do I need to ping a URL first to check if the token has expired and then if I get a 401, then send the refresh token to get a new auth token?

Is there any existing guidance / best practice for this?

These seem related:
dotnet/aspnetcore#5283
dotnet/aspnetcore#5297
dotnet/aspnetcore#14578

Thanks.

Edit:
Seems I overlooked the JWT can be parsed on the client to check the expiry.
Presume that's how to do this?

---

Document Details

⚠ Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.

• ID: d0da2144-3730-f8ef-1d16-a89f11fd6198
• Version Independent ID: 6d8f5bc8-8f5c-ba13-b7f2-0366eac46f81
• Content: Authentication and authorization in ASP.NET Core SignalR
• Content Source: aspnetcore/signalr/authn-and-authz.md
• Product: aspnet-core
• Technology: aspnetcore-signalr
• GitHub Login: @bradygaster
• Microsoft Alias: bradyg

[philip-reed]

More info required from me?
Happy to help if you can let me know where detail is lacking.

Cheers,
Phil

[Rick-Anderson]

Thank you for contacting us. Due to a lack of activity on this discussion issue we're closing it in an effort to keep our backlog clean. If you believe there is a concern related to the ASP.NET Core which hasn't been addressed, please file a new issue.