brentschmaltz
commented
6 years ago We don't need SecurityKeys, as those are in TokenValidationParameters. Algorithms would be a restriction, for example only allow RSA256, can pass on this for 5.2.5 ClaimsMapping would be a delegate we can make a new issue here. MaximumTokenSize is a duplicate of TokenValidationParameters, so we don't need it.
Api's on this object would allow users to set standard items in tokens that don't change per token, modify claims, etc. A SecruityTokenHandler would have a ctor that takes such an object.
Authority MaximumTokenSize ClaimsMapping SecurityKeys, Algorithms