Token authentication in ASP.NET Core is a mixed bag. The ability to protect routes with Bearer header JWTs is included, but the ability to generate the tokens themselves has been removed and requires the use of custom middleware or external packages.
How do you implement both sides of token authentication – token verification and token generation – on the new ASP.NET Core stack? Check out my article that includes sample code here: