diff --git a/samples/EShopSample/aspnet-core/src/EShopSample.Web/EShopSampleWebModule.cs b/samples/EShopSample/aspnet-core/src/EShopSample.Web/EShopSampleWebModule.cs
index 650ebf3f..723563d9 100644
--- a/samples/EShopSample/aspnet-core/src/EShopSample.Web/EShopSampleWebModule.cs
+++ b/samples/EShopSample/aspnet-core/src/EShopSample.Web/EShopSampleWebModule.cs
@@ -1,4 +1,5 @@
-using System.IO;
+using System;
+using System.IO;
 using EasyAbp.EShop;
 using EasyAbp.EShop.Plugins;
 using EasyAbp.EShop.Plugins.Web;
@@ -99,6 +100,7 @@ namespace EShopSample.Web
 
             ConfigureUrls(configuration);
             ConfigureBundles();
+            ConfigureAuthentication(context, configuration);
             ConfigureAutoMapper();
             ConfigureVirtualFileSystem(hostingEnvironment);
             ConfigureLocalizationServices();
@@ -118,6 +120,17 @@ namespace EShopSample.Web
             });
         }
 
+        private void ConfigureAuthentication(ServiceConfigurationContext context, IConfiguration configuration)
+        {
+            context.Services.AddAuthentication()
+                .AddJwtBearer(options =>
+                {
+                    options.Authority = configuration["AuthServer:Authority"];
+                    options.RequireHttpsMetadata = Convert.ToBoolean(configuration["AuthServer:RequireHttpsMetadata"]);
+                    options.Audience = "EShopSample";
+                });
+        }
+
         private void ConfigureUrls(IConfiguration configuration)
         {
             Configure<AppUrlOptions>(options =>
@@ -266,7 +279,6 @@ namespace EShopSample.Web
             app.UseStaticFiles();
             app.UseRouting();
             app.UseAuthentication();
-            app.UseJwtTokenMiddleware();
 
             if (MultiTenancyConsts.IsEnabled)
             {