This sample shows a minimal machine to machine authentication setup using JWT. This authentication is known as OAuth2.0 client_credentials flow. The identity provider is the demo instance of Duende IdentityServer which provides configured OAuth2.0 clients.
Service is configured to accept requests authenticated with a valid bearer access_token issued by the https://demo.duendesoftware.com identity provider with audience and scope valued to 'api'. The authentication is performed by the standard JwtBearer AuthenticationHandler shipped with ASP.NET Core in the Microsoft.AspNetCore.Authentication.JwtBearer nuget package.
Client requests an access_token with the scope 'api' to the identity provider using its client_id and client_secret, then it calls the Service passing its access_token in http headers.
Authorization: Bearer <access_token>