I got this web api I have created. It returns a JWT token when I login with a call from postman.

Besides that I have a ASP.NET MVC client that in a controller calls the Web API and get a token in return.

How can I some how store this bearer token so I can take advantage of the:

[Authorize]

Annotations?

Here is an image of the post call to the token api with a result:

I have a MVC controller where I does something like this to retrieve a token:

          using(var client = new HttpClient()) {
                client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
                client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/x-www-form-urlencoded"));

                var body = String.Format("grant_type=password&username={0}&password={1}", model.UserName, model.Password);
                StringContent theContent = new StringContent(body, System.Text.Encoding.UTF8, "application/x-www-form-urlencoded");
                HttpResponseMessage response = await client.PostAsync("https://localhost:44300/oauth/token", theContent);
                if (response.IsSuccessStatusCode) {
                    var tokenResponse = await response.Content.ReadAsStringAsync();
                    var json = JObject.Parse(tokenResponse);

                    var token = json["access_token"].ToString();
                    var expires = json["expires_in"].ToString();

                    HttpContext.Response.Cookies.Add(new HttpCookie("AccessToken") {
                        Value = token,
                        HttpOnly = true
                    });

                    HttpContext.Session["AccessToken"] = token;


                    return RedirectToAction("Index", "Home");

Here it gets and sets a cookie, but won't work with the [Authorize] annotations.