Improved

ASP.NET JWT SDK API Changes

📣 Wristband ASP.NET JWT SDK 1.0.0 Release 🎉

Release v1.0.0

Key improvements in this release:

  • ✅ Aligns with ASP.NET Core authentication patterns
  • ✅ Simpler endpoint protection with .RequireWristbandJwt()
  • ✅ Programmatic API for advanced scenarios
  • ✅ Better developer experience with context extensions
  • ✅ Multi-instance support out of the box

Breaking Changes

Migration Guide: v1.x Migration Guide

🔄 Configuration API Restructure

The SDK now integrates with ASP.NET Core's standard JWT Bearer authentication instead of providing a custom service registration.

Migration:

  • Replace AddWristbandJwtValidation() with .AddJwtBearer() + .UseWristbandJwksValidation()
  • Add AddAuthorization() with .AddWristbandJwtPolicy() policy registration
  • Property renamed: WristbandApplicationDomain → WristbandApplicationVanityDomain

🛡️ Authorization API Simplification

Removed:

  • WristbandJwtAuthorization.PolicyName string constant
  • WristbandJwtAuthorization.GetPolicy() method

New Convenience Method:

  • .RequireWristbandJwt() extension for endpoints and route groups

Migration:

  • Use .RequireWristbandJwt() for simple JWT authentication
  • For complex authorization (JWT + roles/claims), use .RequireAuthorization("WristbandJwt", "OtherPolicy")

📦 .NET Version Requirements

Minimum version updated:

  • .NET 6.0 and .NET 7.0 no longer supported (both reached end-of-life)
  • Minimum supported version: .NET 8.0
  • Also supports .NET 9.0 and .NET 10.0

New Features

🎯 Context Extension Methods

New extension methods for accessing JWT data in endpoints:

Features:

  • context.GetJwt() - Extract raw JWT token from Authorization header
  • context.GetJwtPayload() - Get validated JWT payload with type-safe claims access
  • Type-safe JWTPayload model with standard and custom claims
  • Mirrors TypeScript SDK's req.auth.jwt pattern

Programmatic Validation API

New WristbandJwtValidator class for custom authorization scenarios.

Features:

  • Factory method: WristbandJwtValidator.Create(config)
  • ExtractBearerToken() - Extract Bearer token from Authorization headers
  • Validate(string) - Validate JWT token string and return payload
  • Validate(HttpContext) - Validate JWT and automatically populate context.User
  • Support for multi-instance JWT validation (see Multi-Instance Guide)

Use Cases:

  • Custom authorization handlers
  • Service layers and background services
  • Multiple Wristband applications in a single ASP.NET app
  • Any scenario requiring programmatic JWT validation

📋 Enhanced JWT Payload Model

New JWTPayload class:

  • Standard JWT claims as properties (Sub, Iss, Exp, Iat, Nbf, Jti)
  • Normalized Aud claim (always string[]?)
  • GetAudienceAsString() helper for single-audience scenarios
  • Claims dictionary for accessing all claims (standard and custom)
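
Why a normalized Aud matters, as an added illustration that is not the SDK's code: RFC 7519 lets "aud" arrive as a single string or as an array, and an audience check written for only one form fails on the other. The names AudienceClaim, Normalize and Accepts and the example.test hostnames are hypothetical.

```csharp
#nullable enable
using System;
using System.Linq;
using System.Text.Json;
// Hypothetical helper for illustration; not the SDK's JWTPayload implementation.
static class AudienceClaim
{
    // RFC 7519: "aud" is either one string or an array of strings.
    public static string[]? Normalize(JsonElement payload)
    {
        if (!payload.TryGetProperty("aud", out var aud)) return null;
        switch (aud.ValueKind)
        {
            case JsonValueKind.String:
                return new[] { aud.GetString()! };
            case JsonValueKind.Array:
                if (aud.EnumerateArray().Any(e => e.ValueKind != JsonValueKind.String))
                    throw new FormatException("aud array must contain only strings");
                return aud.EnumerateArray().Select(e => e.GetString()!).ToArray();
            default:
                throw new FormatException("aud must be a string or an array of strings");
        }
    }
    // One exact, case-sensitive membership test covers both wire forms.
    public static bool Accepts(string[]? audiences, string expected) =>
        audiences is not null &&
        Array.Exists(audiences, a => string.Equals(a, expected, StringComparison.Ordinal));
}
static class Program
{
    static void Main()
    {
        // Constructed payloads; in a real flow the signature is verified first.
        string[] samples =
        {
            "{\"aud\":\"api.example.test\"}",
            "{\"aud\":[\"web.example.test\",\"api.example.test\"]}",
            "{\"aud\":\"api.example.test.other.example\"}",
            "{\"sub\":\"u1\"}",
        };
        foreach (var json in samples)
        {
            using var doc = JsonDocument.Parse(json);
            var aud = AudienceClaim.Normalize(doc.RootElement);
            var shown = aud is null ? "(none)" : string.Join(",", aud);
            Console.WriteLine($"{shown} => {AudienceClaim.Accepts(aud, "api.example.test")}");
        }
    }
}
```

The first two payloads are accepted; the look-alike audience and the payload with no "aud" are rejected.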

🌐 Middleware and Programmatic Dual Support

Two Integration Options:

  1. Middleware Integration - Standard ASP.NET Core authentication pipeline
  2. Programmatic Validation - Direct API for advanced scenarios

Features:

  • Both approaches use the same JWKS validation logic
  • Both support configurable JWK cache size and TTL
  • Programmatic API enables multi-instance JWT validation
  • Clean separation between authentication scheme and programmatic validation

📚 Comprehensive Documentation

New Guides:

  • Multi-Instance JWT Validation Guide - Validate JWTs from multiple Wristband apps
  • Enhanced README with clear middleware vs programmatic usage
  • Migration guide with detailed examples

For full documentation, see the README.