Stack Overflow
Stack Overflow

Questions tagged [identityserver4]

OpenID Connect Provider and OAuth 2.0 Authorization Server Framework based on ASP.NET Core

IdentityServer4 is an OpenID Connect Provider and OAuth 2.0 Authorization Server Framework built on ASP.NET Core.

Allows for the implementation of single sign-on and access control for modern web applications and APIs using protocols such as OpenID Connect and OAuth2. It supports a wide range of clients like mobile, web, SPAs and desktop applications and is extensible to allow integration in new and existing architectures.

IdentityServer4 is officially certified by the OpenID Foundation and thus spec-compliant and interoperable. It is part of the .NET Foundation, and operates under their code of conduct. It is licensed under Apache 2 (an OSI approved license).

For the .NET 4.x, katana based version see Identity Server 3

5377 questions
92
votes
3 answers

IdentityServer4 register UserService and get users from database in asp.net core

I've searched all over on how to register a UserService with IdentityServer4 in asp.net core, but I cant seem to find the right way to do it. This is the code to register InMemoryUsers found here, however I would like to access users from my MSSQL…
Nick De Beer
  • 5,232
  • 6
  • 35
  • 50
82
votes
19 answers

"InvalidOperationException: IDX20803: Unable to obtain configuration from: '[PII is hidden]'"

I've deployed my API and Client app on Docker, but for the life of me, the web app cannot call the API, I keep getting an exception. I added the following line suggested in other posts, but it did not work. IdentityModelEventSource.ShowPII =…
Jane Senya
  • 843
  • 1
  • 6
  • 7
78
votes
4 answers

How to add custom claims to access token in IdentityServer4?

I am using IdentityServer4. I want to add other custom claims to access token but I'm unable to do this. I have modified Quickstart5 and added ASP.NET Identity Core and the custom claims via ProfileService as suggested by Coemgen below. You can…
001
  • 62,807
  • 94
  • 230
  • 350
73
votes
2 answers

.NET Core Identity vs IdentityServer4

The question: Should I use .Net Core Identity or IdentityServer 4 with Identity I need to build app with login/register functionality and allow users to use APIs to import/export data from my software. I also want to have external logins like…
ferdinand
  • 970
  • 1
  • 7
  • 14
68
votes
1 answer

What is the point of configuring DefaultScheme and DefaultChallengeScheme on ASP.NET Core?

I am learning how security works in ASP.NET Core 2.0 and IdentityServer4. I set up the projects with IdentityServer, API and ASP.NET Core MVC Client App. The ConfigureService method in the Client App is shown below. Here I am confused about…
Amal Shalika
  • 1,077
  • 1
  • 13
  • 22
59
votes
5 answers

Authorization header requires 'Credential' parameter

We are using Identity Server4 with .NET Core and deploy the application as AWS Serverless lambda function. When are calling the token endpoint to generated access token we got the following error message: { "message": "Authorization header requires…
Rakesh Kumar
  • 2,701
  • 9
  • 38
  • 66
42
votes
5 answers

The audience is invalid error

I have 3 projects 1- Javascript SPA 2- Web API Project, 3- IdentityServer with EF Core I started debugging API and Identity Server and successfully get the jwt token but, when I try to get value from API method which has Authorize Attribute I get an…
Okan Aslankan
  • 3,016
  • 2
  • 21
  • 26
41
votes
3 answers

How can I use IdentityServer4 from inside and outside a docker machine?

I want to be able to authenticate against an Identity Server (STS) from outside and inside a docker machine. I am having trouble with setting the correct authority that works both inside and outside the container. If I set the authority to the…
Dr Rob Lang
  • 6,659
  • 5
  • 40
  • 60
39
votes
2 answers

Identity Server 4 Authorization Code Flow example

I'm trying to implement Identity Server 4 with AspNet Core using Authorization Code Flow. The thing is, the IdentityServer4 repository on github have several samples, but none with Authorization Code Flow. Does anyone have a sample on how to…
Rafael Miceli
  • 2,014
  • 6
  • 22
  • 34
38
votes
2 answers

Getting Scope Validating error in Identity Server 4 using JavaScript Client in asp.net core

I am getting the below error while making a request to my Identity Server application from my Javascript Client Application. fail: IdentityServer4.Validation.ScopeValidator[0] Invalid scope: openid I have made sure I add the scope in my Identity…
maxspan
  • 13,326
  • 15
  • 75
  • 104
37
votes
5 answers

I am getting "code challenge required" when using IdentityServer4

I am trying to redirect to IdentityServer for authorization, and getting "code challenge required" in redirect URL. An error message shows invalid_request with code challenge required, and also my redirect url…
Shushan
  • 373
  • 1
  • 3
  • 5
36
votes
3 answers

Identity Server 4: adding claims to access token

I am using Identity Server 4 and Implicit Flow and want to add some claims to the access token, the new claims or attributes are "tenantId" and "langId". I have added langId as one of my scopes as below and then requesting that through identity…
Hussein Salman
  • 7,806
  • 15
  • 60
  • 98
35
votes
1 answer

IdentityServer4 vs AspNet.Security.OpenIdConnect.Server vs OpenIddict

In an attempt to understand what I may use for OpenId Connect Server implementation, I have looked into what each of them is: IdentityServer4: an OpenID Connect and OAuth 2.0 framework for ASP.NET Core 2. AspNet.Security.OpenIdConnect.Server:…
Set
  • 47,577
  • 22
  • 132
  • 150
35
votes
1 answer

What is the Signing Credential in IdentityServer4?

We are in the process of implementing Identity Server 4 with our .NET Core web app. I went trough the Identity Server documentation. When configuring the Identity server (using DI) there is the line: .AddTemporarySigningCredential I'm trying to…
Shaul Zuarets
  • 839
  • 2
  • 10
  • 20
35
votes
3 answers

Identityserver 4 and Azure AD

I'm looking into using Identity Server 4 for authentication within a C# based MVC application. I'd like to use accounts stored in Azure AD as a source of valid users but the documentation only seems to refer to Google and OpenID & only mentions…
Patrick
  • 563
  • 1
  • 4
  • 12
1
2 3
99 100