identityserver3

问题 I configured my IdSvr client to return reference tokens to make them revocable. I'm also using the IdentityServer.EntityFramework library to store the generated reference tokens in the Tokens table. The Token Revocation endpoint requires the token to revoke. As an administrator I want to call revocation but I don't know the access token as the key is stored hashed in the database. How would the administrator locate the tokens to revoke for a user? 回答1: You can revoke by subject and client id.

问题 I'm going to ask this question and answer it so that it helps others that might run into the problem. I am running Identity Server 3 alongside my main web application (ASP.NET Web Forms) with implicit flow. During development I used the following addresses: 192.168.1.100 idsrv.company.dev 192.168.1.101 dev.company.dev .. and issued appropriate self-signed certificates so that the world was happy. Now I have a pucka wildcard certificate and have made the following changes: 192.168.1.100 idsrv

问题 I am trying to integrate IdentityServer4 with ASP.NET MVC WebAPI.I want to achieve role based authorization. I have the following projects running. IdentityServer4 [a separate project] WebApi Javascript Application [using Extjs] I have implemented the ResourceOwnerPassword flow and what I am trying to do is, Make a post request to AccountController of the WebApi containing username and password Inside the AccountController call the IdentityServer token endpoint for an access token and return

问题 I wanted to write acceptance tests for my WebApi and IdentityServer. To keep things as simple as possible I copied the whole sample project from here but added another project, that essentially makes the same as the console client would but as a acceptance test. The only scenario I got right now is this: namespace SpecTesting { using System; using System.Net; using System.Net.Http; using System.Threading; using FluentAssertions; using IdentityModel.Client; using Xbehave; public class

问题 I'm having a Client in my IdentityServer3 new Client { ClientName = "Client Credentials Flow Client", Enabled = true, ClientId = "clientcredentials.reference", Flow = Flows.ClientCredentials, ClientSecrets = new List<Secret> { new Secret("secret".Sha256()), }, AllowedScopes = new List<string>() { "read", "write" } } I hosted the Token Service in my local IIS and I tried to ping the Token using Postman, but it given an error {"error":"invalid_scope"} Host URL: https://localhost:5775/core

问题 I am looking at options to log client id for every request (if available), so that it can be used for reporting purpose to find out the number of request per client. Ids logs the client id for token request when LogLevel is Information. Looking at IDS code, we need to extract the client id from AuthenticationHeader or from Body of the request. Wanted to know if there anything that is already built into ids to do this. Any other ways to do this? 回答1: Absolutely! Implementing the IEventService

问题 I am developing a web api for use with IdentityServer3. I have the server and the web api running, but I am having trouble figuring out how to have users login from a mobile app to the server. My question is this: if I have implicit flow enabled for the identity server, how do users sign in from a tool like fiddler to receive their tokens upon successful authentication? I know that the token endpoint is: https://myidservername/identity/connect/token I also know that the authorization endpoing

问题 I am starting to work with Dynamics 365 Portal add-on (Online, not on-prem), which I've configured to use an external authentication provider in the form of Identity Server with OpenId Connect. The problem with this is that I don't have access to the under-the-hood portal authentication process, there's just a few basic config settings and users can authenticate using the external IdP. I can't access roles, claims, or any custom info that might come back as part of the OpenId Connect user's

问题 In my solution I have mvc project and Identity Server3 project and I am authenticating mvc client by using Identity Server.When i start these two projects from visual studio the mvc application automatically redirects to the login page of core.Idenity server project and we can enter credentials it redirects back to mvc project.But now when i hosted these two application on two different ports on IIS server then identity server is working fine but when run the mvc project it shows The remote

问题 I've been reviewing how we should handle OAuth authentication in our browser application (SPA), and there's a whole bunch of articles out there that makes it all really confusing... I'm really missing something concrete and best practice guidance for a very simple setup. We have this ASP.NET Web API 2 that's protected using tokens issued by IdSvr3. So far so good. Works with native clients and server apps. Now to the browser stuff... Looking at a sample such as JavaScriptImplicitClient which