authentication = new AuthenticationConfiguration { // set claims authentication manager ClaimsAuthenticationManager = new ClaimsTransformer(), EnableSessionToken = true, SessionToken = new SessionTokenConfiguration { DefaultTokenLifetime = TimeSpan.FromDays(14), SigningKey = GetSigningKey() } }; // set password validator authentication.AddBasicAuthentication((username, password) => UserCredentials.Validate(username, password)); // add message handler config.MessageHandlers.Add(new AuthenticationHandler(authentication));