Just completed course - excellent!

I'm logged in as Jack trying to hit GetEmployeeById for Id 1 but get a 401

So to try and fix - in the server Api project I added the auth policy to `GetEmployeeById' (code below):

[Authorize(Policy = BethanysPieShopHRM.Shared.Policies.CanManageEmployees)]

However, still seeing 401

The API logs show:

Request starting HTTP/1.1 GET https://localhost:44340/api/employee/1
dbug: IdentityServer4.AccessTokenValidation.IdentityServerAuthenticationHandler[9]
AuthenticationScheme: Bearer was not authenticated.
info: Microsoft.AspNetCore.Authorization.DefaultAuthorizationService[2]
Authorization failed.
info: Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler[12]
AuthenticationScheme: BearerIdentityServerAuthenticationJwt was challenged.
info: IdentityServer4.AccessTokenValidation.IdentityServerAuthenticationHandler[12]
AuthenticationScheme: Bearer was challenged.
info: Microsoft.AspNetCore.Hosting.Diagnostics[2]
Request finished in 20.0544ms 401

Any help appreciated.

Cheers,
John

It looks like with the way the authentication is set up that the cookie can stay valid while the access token expires. This can cause some weirdness when navigating around the blazor app since the user can be authenticated but can't access the API.