[Authorize] Always Returns 401 Even With Valid-Looking JWT Token
I’m getting a 401 Unauthorized whenever I call my [Authorize] endpoint, even though I’m sending a JWT. The token appears correct on the client side — JWT decoders show the expected claims (screenshot 1), and the signature verifies. The token is stored in Local Storage (screenshot 2), and the frontend sends the header:
Authorization: Bearer eyJhbGciOiJIUzI1...
However, the only endpoint protected with [Authorize] always returns 401 Unauthorized.
C# backend exception:
IDX14102: Unable to decode the header 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9' as Base64Url encoded string.
This is the endpoint I cannot reach (breakpoints never hit):
[Authorize]
[HttpGet("UserInfo")]
public async Task<ActionResult<LoggedUserModel>> GetUserInfo()
{
    // Code never executes — authorization fails before entering the controller
}
I’ve also attached the source code of the controller and my Program.cs setup. It might be an issue with my token generation or the way I configured authentication/authorization. Does anyone know what could be causing this? This issue is part of my high school graduation project, so any help would be greatly appreciated.