How to remotely access the Identity Manager API hosted on IdentityServer3?

Question

I have searched and found something but without full documentation here.

Could someone please give me a step by step explanation?

I have IdentityServer3 well-configured and I confirm that I can access the IdentityManager through the browser and manage users perfectly. Now, I need to manage users but from another custom made application. So I need to:

Login through the custom app
Manage users through the Idm API.

I have used the "ResourceOwner" grant and used the "idmgr" scope to get an access token: https://localhost:44376/ids/connect/token.

But when I use that token to access https://localhost:44376/idm/api/users?count=10&start=0, I get the message "Authorization has been denied for this request."

Do you have correct role claim set for logged in user? http://stackoverflow.com/questions/35677334/secure-identitymanager-with-identityserver3/ — rawel, Dec 07 '16 at 03:24
@rawel I have 2 roles "Administrator" and "IdentityManagerAdministrator", setup for this user — Jalal El-Shaer, Dec 07 '16 at 07:18

score 0 · Answer 1 · answered Dec 10 '16 at 01:48

        var client = new HttpClient();
        var dic = new Dictionary<string, string>();
        dic.Add("client_id", "mvc");
        dic.Add("client_secret", "secret");
        dic.Add("grant_type", "password");
        dic.Add("scope", "openid profile");
        dic.Add("username", "yazan@catec.ae");
        dic.Add("password", "P@ssword1");

        var content = new FormUrlEncodedContent(dic);

        var msg = client.PostAsync("https://localhost:44383/identity/connect/token", content).Result.Content.ReadAsStringAsync().Result;
        string token = Newtonsoft.Json.JsonConvert.DeserializeObject<dynamic>(msg).access_token;

        var jwt = new JwtSecurityToken(token);
        var identity = new ClaimsIdentity("ApplicationCookie", ClaimsIdentity.DefaultNameClaimType, ClaimsIdentity.DefaultRoleClaimType);
        foreach (var c in jwt.Claims)
        {
            var t = c.Type;
            var v = c.Value;

            identity.AddClaim(new Claim(t, v));

        }
            IAuthenticationManager authenticationManager = HttpContext.GetOwinContext().Authentication;
            authenticationManager.SignOut("ApplicationCookie");
            authenticationManager.SignIn(new AuthenticationProperties() { IsPersistent = false }, identity);

        return Redirect("Index");

How to remotely access the Identity Manager API hosted on IdentityServer3?

1 Answers1