C
C#5d ago
Chnapak

[Authorize] Always Returns 401 Even With Valid-Looking JWT Token

I’m getting a 401 Unauthorized whenever I call my [Authorize] endpoint, even though I’m sending a JWT. The token appears correct on the client side — JWT decoders show the expected claims (screenshot 1), and the signature verifies. The token is stored in Local Storage (screenshot 2), and the frontend sends the header: 
Authorization: Bearer eyJhbGciOiJIUzI1...
Authorization: Bearer eyJhbGciOiJIUzI1...
. However, the only endpoint protected with [Authorize] always returns 401 Unauthorized. C# backend exception: 
IDX14102: Unable to decode the header 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9' as Base64Url encoded string.
IDX14102: Unable to decode the header 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9' as Base64Url encoded string.
. Swagger response: 
 content-length: 0 
 date: Thu,20 Nov 2025 19:41:17 GMT 
 server: Kestrel 
 www-authenticate: Bearer error="invalid_token" 
 content-length: 0 
 date: Thu,20 Nov 2025 19:41:17 GMT 
 server: Kestrel 
 www-authenticate: Bearer error="invalid_token"
This is the endpoint I cannot reach (breakpoints never hit): 
[Authorize]
[HttpGet("UserInfo")]
public async Task<ActionResult<LoggedUserModel>> GetUserInfo()
{
    // Code never executes — authorization fails before entering the controller
}
[Authorize]
[HttpGet("UserInfo")]
public async Task<ActionResult<LoggedUserModel>> GetUserInfo()
{
    // Code never executes — authorization fails before entering the controller
}
I’ve also attached the source code of the controller and my Program.cs setup. It might be an issue with my token generation or the way I configured authentication/authorization. Does anyone know what could be causing this? This issue is part of my highschool graduation project, so any help would be greatly appreciated.
No description
No description

message.txt

message.txt

3 Replies
Chnapak
ChnapakOP5d ago
Case closed, I used the wrong package... had to start over the project.
kurumi
kurumi3d ago
$close
MODiX
MODiX3d ago
If you have no further questions, please use /close to mark the forum thread as answered

Did you find this page helpful?