using System.Collections.Generic;
using System.IdentityModel.Tokens.Jwt;
using Microsoft.IdentityModel.Tokens;
using Microsoft.IdentityModel.Protocols;
using Microsoft.IdentityModel.Protocols.OpenIdConnect;
public static void Main()
var tenantId = "7d7fb857-6834-4aba-bcae-80cf7a2db312";
var clientId = "18561306-deba-4485-9418-1fc9e249a313";
var validIssuers = new List<string>()
"https://login.microsoftonline.com/" + tenantId + "/oauth2/v2.0/token"
Console.WriteLine("Hello World");
Microsoft.IdentityModel.Logging.IdentityModelEventSource.ShowPII = true;
var authorityUrl = "https://login.microsoftonline.com/" + tenantId + "/v2.0/.well-known/openid-configuration";
ConfigurationManager<OpenIdConnectConfiguration> configManager =
new ConfigurationManager<OpenIdConnectConfiguration>(
new OpenIdConnectConfigurationRetriever());
Console.WriteLine("Load keys...");
OpenIdConnectConfiguration config = null;
config = configManager.GetConfigurationAsync().Result;
Console.WriteLine("... loading keys done");
var accessToken = "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6Im5PbzNaRHJPRFhFSzFqS1doWHNsSFJfS1hFZyJ9.eyJhdWQiOiIxODU2MTMwNi1kZWJhLTQ0ODUtOTQxOC0xZmM5ZTI0OWEzMTMiLCJpc3MiOiJodHRwczovL2xvZ2luLm1pY3Jvc29mdG9ubGluZS5jb20vN2Q3ZmI4NTctNjgzNC00YWJhLWJjYWUtODBjZjdhMmRiMzEyL3YyLjAiLCJpYXQiOjE2MTU0NTU2NjAsIm5iZiI6MTYxNTQ1NTY2MCwiZXhwIjoxNjE1NDU5NTYwLCJhaW8iOiJBVFFBeS84VEFBQUEzTkppSktFYzFOUy9ZYmZNRktmN3FFYWNVNXUvSGZZVU1zd0Q5VmdQbitmRy9ha21qaHpLbE43UDN6Qzc3Lyt6IiwiYXpwIjoiMTg1NjEzMDYtZGViYS00NDg1LTk0MTgtMWZjOWUyNDlhMzEzIiwiYXpwYWNyIjoiMSIsIm5hbWUiOiJOb3ZvIEd1ZXN0IENsaWVudCIsIm9pZCI6IjM4MGY5NzRmLWEzYjgtNDEwYi04MDFiLTJiYWNmZmE1NWMzNiIsInByZWZlcnJlZF91c2VybmFtZSI6Im5vdm9fZ3Vlc3RfY2xpZW50QGl0cS5kZSIsInJoIjoiMC5BUjhBVjdoX2ZUUm91a3E4cm9EUGVpMnpFZ1lUVmhpNjNvVkVsQmdmeWVKSm94TWZBR3MuIiwic2NwIjoiYWNjZXNzX2FzX3VzZXIiLCJzdWIiOiIwWU9TYS13emxpODNDYVNzMEhIU1JXeGJXcTdhSERLeHJCNEo0WGNXRW9VIiwidGlkIjoiN2Q3ZmI4NTctNjgzNC00YWJhLWJjYWUtODBjZjdhMmRiMzEyIiwidXRpIjoiUmZiN0oyUkRLMEtjQm1CZjU5OEtBQSIsInZlciI6IjIuMCJ9.hfAu4Md5lED9uktd77hJ3q9dPuQ8OrBhHL6PBbcvE2RGIKfbU6um5d80Dv-WLWjY5YtS8aBKsyYkISI8JsxijHfGZPn8sERBY_AKvR8lZvp4cUdRCH5h-ZO6RNKCuUxhUHt1xYRC5uqnhu4auHGmFcEm5PL4rsCrT26nLmrnEYTX8aFjsk0obfNUtbA4-FbzMBknfya7kgLjl2mWhjkmNA2PpRg_6GpIXZtloRYCYPO9WAi4tHR10CXrxfWj8MD5ARLzAt4t0qDRnXAgQidr3rekYMW_VOYovI2o6mvkiGHCjZXyl9A1c3B-THQ9u94vTTXWgE2GllbdlXwTb0c9hg";
var validationParameters = new TokenValidationParameters()
ValidAudiences = new[] { clientId },
ValidIssuers= validIssuers,
IssuerSigningKeys = config.SigningKeys
SecurityToken securityToken;
var tokenValidator = new JwtSecurityTokenHandler();
var claimsPrincipal = tokenValidator.ValidateToken(accessToken, validationParameters, out securityToken);
Console.WriteLine("claimsPrincipal:" + claimsPrincipal);