# Anyone have an example of Umbraco Members combined with JWT authentication?
Custom API or Content Delivery API ?
And where is the JWT from?
I've previously done this loads with JWTs from an external authentication system against custom APIs.
Let me dig out the code
Hmm... I have code for 7 and 8, but neither of those projects has been upgraded yet. I previously used the UmbracoIdentity package, but as per this comment (https://github.com/Shazwazza/UmbracoIdentity/issues/145#issuecomment-903872634) you shouldn't need it anymore. It should be possible to configure standard UseJwtBearerAuthentication authentication middleware.
Thanks for taking the time to share your insights 😄
We're about to start a new Umbraco 10 project and it's likely going to be an SPA. The content of the website is public, but we'll be displaying a load of personal data and the client needs a way to manage their users.
So more concretely: The website itself could generate the JWT token if it's possible to create a member login with an SPA approach.
The token will be used against custom API endpoints on the website itself to identify the visitor. Members is just a convenient way to have management capabilities over the users who access the application.
Generating JWTs yourself is annoyingly difficult to do well. A lot depends on your setup and how the auth is configured. Where we've done that previously we've had an external authentication provider - but that's because the entire app is behind an auth gateway, so it didn't matter.
If the FE app and Umbraco are going to be hosted on the same domain I'd consider a cookie and using CookieAuthentication.
In either case you'd need to provide a custom Provider and/or ValidateIdentity function to validate the subject against the member database.
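
An added example, not code from anyone in this thread: one way to wire the standard ASP.NET Core JWT bearer middleware into an Umbraco 10 site and check the token's subject against the member database on every request. The scheme name `MemberJwt`, the `MemberJwt:*` configuration keys, the HMAC signing key and the assumption that the `sub` claim carries the member id in the form `FindByIdAsync` expects are all choices made for this sketch.

```csharp
using System;
using System.Security.Claims;
using System.Text;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.IdentityModel.Tokens;
using Umbraco.Cms.Core.Security;

public static class MemberJwtExtensions // hypothetical helper, call from ConfigureServices
{
    public static IServiceCollection AddMemberJwt(this IServiceCollection services, IConfiguration config)
    {
        // Assumed config key; keep the signing key out of source control.
        var rawKey = config["MemberJwt:SigningKey"] ?? throw new InvalidOperationException("Signing key missing");
        services.AddAuthentication().AddJwtBearer("MemberJwt", options =>
        {
            options.TokenValidationParameters = new TokenValidationParameters
            {
                ValidateIssuer = true,
                ValidIssuer = config["MemberJwt:Issuer"],
                ValidateAudience = true,
                ValidAudience = config["MemberJwt:Audience"],
                ValidateIssuerSigningKey = true,
                IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(rawKey)),
                ValidAlgorithms = new[] { SecurityAlgorithms.HmacSha256 }, // pin the algorithm
                ValidateLifetime = true,
                ClockSkew = TimeSpan.FromSeconds(30)
            };
            options.Events = new JwtBearerEvents
            {
                OnTokenValidated = async context =>
                {
                    // Signature, issuer, audience and lifetime have passed at this point.
                    // Now confirm the subject is still a usable member, so deleting,
                    // unapproving or locking a member in the back office takes effect
                    // before the token expires.
                    var members = context.HttpContext.RequestServices.GetRequiredService<IMemberManager>();
                    var subject = context.Principal?.FindFirst(ClaimTypes.NameIdentifier)?.Value;
                    var member = subject is null ? null : await members.FindByIdAsync(subject);
                    if (member is null || !member.IsApproved || member.IsLockedOut)
                    {
                        context.Fail("Token subject is not an active member.");
                    }
                }
            };
        });
        return services;
    }
}
```

Custom API controllers then opt in with `[Authorize(AuthenticationSchemes = "MemberJwt")]`. The per-request member lookup is what keeps back-office user management authoritative; without it a token stays valid until it expires, whatever happens to the member.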