Comments (7)
leastprivilege
commented on August 10, 2024
2
The old access token validation endpoint is not supported in IS4 anymore.
Either switch to local validation - or if you are using reference tokens - configure a scope name and secret in the validation middleware to use introspection.
See here for our cross version compat tests:
https://github.com/IdentityServer/CrossVersionIntegrationTests
from identityserver4.accesstokenvalidation.
leastprivilege
commented on August 10, 2024
2
your last snippet looks good - that's thats needed.
from identityserver4.accesstokenvalidation.
ruskindantra
commented on August 10, 2024
1
Thank you @leastprivilege, some parts of that API use JWT tokens and some external parts use reference tokens, having said that won't I need both? And I think I got it working with just this:
services.AddAuthentication("Bearer")
.AddIdentityServerAuthentication(options =>
{
options.Authority = "http://localhost:5000";
options.RequireHttpsMetadata = false;
options.ApiName = "api1";
options.ApiSecret = "secret";
})
Note in the above that I haven't used .ClientId as my external clients can be dynamically generated (which all use reference tokens). Is that the correct way of doing it?
from identityserver4.accesstokenvalidation.
alessandroros
commented on August 10, 2024
Oh my god is working! Thanks a lot for what you're doing with this project. Usefull examples.
from identityserver4.accesstokenvalidation.
ruskindantra
commented on August 10, 2024
@leastprivilege I am using a reference token to invoke the API demonstrated in Quickstart1_ClientCredential but I keep getting an InternalServerError. I added this to my API startup.cs:ConfigureServices method hoping it would help but no luck, can you please help?
services.AddAuthentication("Bearer")
.AddOAuth2Introspection(options =>
{
options.Authority= "http://localhost:5000";
options.ClientSecret = "secret";
options.ClientId = "refclient";
options.IntrospectionEndpoint = "http://localhost:5000";
})
.AddIdentityServerAuthentication(options =>
{
options.Authority = "http://localhost:5000";
options.RequireHttpsMetadata = false;
options.SupportedTokens = SupportedTokens.Both;
options.ApiName = "api1";
});
from identityserver4.accesstokenvalidation.
leastprivilege
commented on August 10, 2024
for reference tokens this is all that's needed:
services.AddAuthentication("Bearer")
.AddOAuth2Introspection(options =>
{
options.Authority= "http://localhost:5000";
options.ClientSecret = "secret";
options.ClientId = "refclient";
});
from identityserver4.accesstokenvalidation.
nivs1978
commented on August 10, 2024
Oh my god is working! Thanks a lot for what you're doing with this project. Usefull examples.
What did your Configuration method end up looking. I spend most of the day trying to figure this out, so a working sample snippet would be great. The API samples are in .Net core, and not .Net 4.x and I need to implement IS4 in an old Classic .Net 4.6.2 application.
from identityserver4.accesstokenvalidation.
Related Issues (20)
- Does IdentityServer4.AccessTokenValidation only works in IdentityServer 4 ? HOT 5
- IConfigureOptions<IdentityServerAuthenticationOptions>.Configure() isn't automatically called. HOT 7
- Expose OAuth2IntrospectionEvents in IdentityServerAuthenticationOptions HOT 1
- Exception does not show anything in logs ( try/finally)-IdentityServerAuthenticationHandler HOT 4
- Why are IdentityServerAuthenticationDefaults internal? HOT 1
- Does it work with .net framework 4.7.2? HOT 2
- Support opaque tokens with a dot when used together with JWT HOT 4
- when i upgrade to identitymode version 4 HOT 4
- v3.0.0版本中仍然使用了preview组件
- Is .NETStandard still supported? HOT 3
- Spelling error on documentation comment HOT 2
- Send extra parameters on reference token validation HOT 4
- How to delete a reference token from API in distributed cache? HOT 2
- How does caching (reference token validation) work? I need to invalidate cache when user resets the password. Please help. HOT 3
- IdentityServer4.AccessTokenValidation: The SSL connection could not be established HOT 5
- ConfigureJwtBearer hardcodes MapInboundClaims to false, NameIdentifier is Null IdentityServer, Sub not mapped to NameIdentifier HOT 5
- Any reason why updated version of this library can't stay .netstandard20 or 21? HOT 3
- Get ServiceProvider inside AddOpenIdConnect without BuildServiceProvider HOT 1
- Unable to configure httpClient of HttpDocumentRetriever. HOT 2
- Automatic scope validation? HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from identityserver4.accesstokenvalidation.