First, make sure you have added the following code to your Startup.cs file:

    services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
        .AddJwtBearer(options =>
        {
            options.TokenValidationParameters = new TokenValidationParameters
            {
                // Check issuer, audience, lifetime and signature on every incoming token.
                ValidateIssuer = true,
                ValidateAudience = true,
                ValidateLifetime = true,
                ValidateIssuerSigningKey = true,
                ValidIssuer = Configuration["Jwt:Issuer"],
                ValidAudience = Configuration["Jwt:Audience"],
                // Symmetric key shared with the code that issues the tokens.
                IssuerSigningKey = new SymmetricSecurityKey(
                    Encoding.UTF8.GetBytes(Configuration["Jwt:SecretKey"]))
            };
        });
Then add the [Authorize] attribute in your controller so that only authenticated users can access the specific API methods. For example:
[HttpGet]
[Authorize]
public async Task
Finally, issue a valid JWT to the user. For example:
    var claims = new[]
    {
        new Claim(JwtRegisteredClaimNames.Sub, username),
        new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
    };

    var token = new JwtSecurityToken(
        issuer: Configuration["Jwt:Issuer"],
        audience: Configuration["Jwt:Audience"],
        claims: claims,
        expires: DateTime.UtcNow.AddDays(7),
        notBefore: DateTime.UtcNow,
        signingCredentials: new SigningCredentials(
            new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration["Jwt:SecretKey"])),
            SecurityAlgorithms.HmacSha256));

    return new JwtSecurityTokenHandler().WriteToken(token);
Your authorization checks should now work correctly.
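To check that the validation settings above reject what they should, the following console program issues tokens the same way and validates them with the same parameters. It is an added example, not code from the original page; the issuer, audience and secrets are constructed sample values, the helpers `Issue` and `Validate` are hypothetical names, and it assumes the System.IdentityModel.Tokens.Jwt NuGet package is referenced.

```csharp
using System;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Text;
using Microsoft.IdentityModel.Tokens;

// Constructed sample values; in the page's code these come from Configuration["Jwt:*"].
const string Issuer = "https://issuer.example";
const string Audience = "https://api.example";
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("constructed-demo-secret-at-least-32-bytes-long"));
var otherKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("a-different-constructed-secret-32-bytes-min!"));

// Same shape as the token-issuing snippet on the page, with the varying parts as parameters.
string Issue(string audience, SecurityKey signingKey, DateTime notBefore, DateTime expires) =>
    new JwtSecurityTokenHandler().WriteToken(new JwtSecurityToken(
        issuer: Issuer, audience: audience,
        claims: new[] { new Claim(JwtRegisteredClaimNames.Sub, "alice") },
        notBefore: notBefore, expires: expires,
        signingCredentials: new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256)));

// Same checks as the AddJwtBearer configuration on the page; the clock skew is a parameter.
string Validate(string jwt, TimeSpan clockSkew)
{
    var parameters = new TokenValidationParameters
    {
        ValidateIssuer = true, ValidateAudience = true,
        ValidateLifetime = true, ValidateIssuerSigningKey = true,
        ValidIssuer = Issuer, ValidAudience = Audience, IssuerSigningKey = key,
        ClockSkew = clockSkew
    };
    try
    {
        new JwtSecurityTokenHandler().ValidateToken(jwt, parameters, out _);
        return "accepted";
    }
    catch (SecurityTokenException ex) { return "rejected: " + ex.GetType().Name; }
}

var now = DateTime.UtcNow;
var skew = new TokenValidationParameters().ClockSkew;   // library default, used when none is set
var expired = Issue(Audience, key, now.AddMinutes(-10), now.AddMinutes(-1));

Console.WriteLine("valid token:              " + Validate(Issue(Audience, key, now.AddMinutes(-1), now.AddMinutes(10)), skew));
Console.WriteLine("wrong audience:           " + Validate(Issue("https://other.example", key, now.AddMinutes(-1), now.AddMinutes(10)), skew));
Console.WriteLine("signed with another key:  " + Validate(Issue(Audience, otherKey, now.AddMinutes(-1), now.AddMinutes(10)), skew));
Console.WriteLine("expired, default skew:    " + Validate(expired, skew));
Console.WriteLine("expired, zero skew:       " + Validate(expired, TimeSpan.Zero));
```

The last two lines show the effect of `ClockSkew`: with the library default, a token that expired a minute ago still validates, so set `ClockSkew` explicitly if the lifetime must be enforced strictly.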