Stack Overflow
Stack Overflow

Questions tagged [thinktecture]

76 questions
16
votes
3 answers

Skip IdentityServer3 login screen

We have configured Client App to use IdentityServer3 authentication via OpenID Connect protocol (it's ASP.NET MVC App that uses OWIN middleware to support OIDC). The IdentityServer3 itself is configured to use both local login and external login…
Eugene D. Gubenkov
  • 5,127
  • 6
  • 39
  • 71
5
votes
2 answers

AuthorizeAttribute for Actions

TL;DR: How does an MVC app know to redirect to a certain action after going through authentication process when IdentityServer3 does a form post to the return url which is always the root url? The examples in this question are taken from the…
danijels
  • 5,211
  • 4
  • 26
  • 36
5
votes
2 answers

How to use ThinkTecture IdentityServer 3 in Web Api 2

I have been reading a lot about how to implement a full authentication and authorization system in Asp.Net Web Api 2 which includes registering, sending email confirmations, issuing both access tokens and refresh tokens, etc. I have successfully…
Behrooz
  • 1,895
  • 4
  • 31
  • 47
5
votes
1 answer

How to secure IdentityManager with IdentityServer v3

Brock Allen released the new beta version of IdentityManager last week. There are quite some changes in the security model, so the configuration also changed. He even took some videos (Setting up ASP.NET Identity and Security and IdentityManager) on…
ilter
  • 4,030
  • 3
  • 34
  • 51
4
votes
4 answers

how to disable auto login in thinktecture IdentityServer

i have a MVC app with authorization managed by identityserver. When i access first time to my web, it is redirect to identityserver loggin page and after i am redirected to my web again. My problem is, if i logout of identityserver, when i access…
Sem
  • 73
  • 1
  • 6
4
votes
1 answer

Configuring ASP.Net Core to authenticate using OIDC against Thinktecture V2

I'm trying to get an ASP.Net Core to authenticate against Thinktecture V2 uising OpenID Connect (we currently need WS-Trust so can't upgrade). My configuration is as follows app.UseCookieAuthentication(new CookieAuthenticationOptions()); …
Edward
  • 1,043
  • 10
  • 24
4
votes
2 answers

Unable to use IdentityManager API from Postman

I am using postman and I am trying to get the users list from identity Manager. But I am unable to configure the app correctly. I try to get the users from https://localhost/idm/api/users I get the token with the API+idmgr+openid scopes and I have…
Alegrowin
  • 321
  • 1
  • 14
3
votes
0 answers

How to sign security tokens using SHA256 in WIF STS?

I am using Thinktecture STS and would like to sign the issued tokens using SHA256 instead of SHA1? I tried adding the algorithm to the application using: CryptoConfig.AddAlgorithm( typeof(RSAPKCS1SHA256SignatureDescription), …
Homam
  • 23,263
  • 32
  • 111
  • 187
3
votes
0 answers

Invalidating JWT with openID Connect Session management

I have been working on a Single Page application (SPA) using Thinktecture Identity server V2 and OAuth2. I am currently using the implicit flow the workflow as follows, 1. The SPA requests an access token for the Identity server. 2. the token is…
Rajdeep Dosanjh
  • 1,157
  • 1
  • 9
  • 20
3
votes
3 answers

Unable to get token from Thinktecture Authorization Server

I am unable to get an access token from Thinktecture Authorization Server. After successfully getting grant code, I try make a POST request to the token endpoint, but always get a 400 Bad Request with this response: message: "{ "error":…
Michael
  • 161
  • 2
  • 13
3
votes
1 answer

Missing Claims and Identity Info with IdentityServer v3

I have IdentityServer with Membership Reboot and IdentityManager running on a remote server, I've used the Admin UI of IdentityManager to setup a user, and add roles & claims to said user. I'm developing a WebApi/SPA project that will use the…
stroebele
  • 356
  • 3
  • 12
3
votes
1 answer

Thinktecture ResourcAuthorization, no AuthorizationManager set

I am trying to build a sample web application using the Thinktecture sample ResourceAuthorization from github. Now I have an action in the controller decorated with authorize attribute: [ResourceAuthorize("Edit", "Resource")] public ActionResult…
greenhoorn
  • 1,601
  • 2
  • 15
  • 39
3
votes
1 answer

Open ID Connect and native public app...no implicit flow, no hybrid flow...so what?

We are currently developing a native mobile application, and we need to authenticate end-user with our identity server (made with thinktecture identity server v3), and/or external social identity providers, to consume some resources in our…
Harween
  • 51
  • 4
2
votes
1 answer

How do you turn off IdentityServer3's built in UI views (login and registration)?

I'm trying to implement IdentityServer3 into my architectural mix. I like the idea of registering Clients, Users, and Scopes. What I do not like is using IdentityServer3's built in login and registration forms. I have 4 different apps that need…
Tom Schreck
  • 5,177
  • 12
  • 68
  • 122
2
votes
1 answer

Invalid_Grant error when using Refresh Token

I am using IdentityServer3's Hybrid Flow. I have enabled the offline_access scope inorder to get refresh token. When my access token expires, I am calling core/connect/token endpoin. I am passing client_id, client_secret, refresh_token and…
Sabby62
  • 1,707
  • 3
  • 24
  • 37
1
2 3 4 5 6