ASP.Net Core Bearer Authentication + flutter client


I have a problem with Bearer Authentication in ASP.NET Core 3.1 Web Api project.

I configured authentication like that:

                .AddJwtBearer(options =>
                    options.RequireHttpsMetadata = false;
                    options.TokenValidationParameters = new TokenValidationParameters
                        ValidateIssuer = true,
                        ValidIssuer = AuthHelper.Issuer,
                        ValidateAudience = true,
                        ValidAudience = AuthHelper.Audience,
                        ValidateLifetime = true,
                        IssuerSigningKey = AuthHelper.GetSymmetricSecurityKey(),
                        ValidateIssuerSigningKey = true,


Also, I added [Authorize] attribute in my controller and app.UseAuthorization(); in Configure method.

I configured the request in Postman. I tried to configure authorization in the "Authorization" tab and manual way (adding "Authorization" header). The same result: I get the correct answer without any errors.

However, when I send the request from my flutter app, I get a "404 Not Found" error.

Get request from flutter app:

Map<String, String> authHeaders = <String, String>{
    'Content-Type': 'application/json; charset=UTF-8',
    'Authorization': 'Bearer $authToken'
    final response = await http.get(_url, headers: authHeaders);

Any ideas? What am I missing?


I know what the problem is.
My controller still uses Cookies authentication method (not bearer).

Solution: Replace [Authorize] by [Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)]

Why request from Postman works properly?

Postman sets cookies and remembers Cookies for other requests.
So when I tested the signin controller, Postman added .AspNetCore.Identity.Application cookie to own collection.

Answered By – Nikita Belov

Answer Checked By – Gilberto Lyons (FlutterFixes Admin)

Leave a Reply

Your email address will not be published. Required fields are marked *