openid-connect

Scenario: When I started to do a test with AAD B2C Custom policy, I used this sample: active-directory-b2c-custom-policy-starterpack/SocialAndLocalAccounts/ I referred to this documentation to get started. I followed those steps and changed some values in the samples and have double checked the client_id and resource_id. When I tried to run the signup or signin policy, I failed to signin with a local account with error: (Though I can signin with soical account) Invalid username or password I used Fiddler to catch the traffic, here is the request and response when I came across the error:

I am trying to build multiple small ASP.Net core Mvc services that connect to a Identity server built using IdentityServer4. I have setup the OpenIdOption on the MVC services that looks like this app.UseCookieAuthentication(new CookieAuthenticationOptions { AuthenticationScheme = "Cookies" }); app.UseOpenIdConnectAuthentication(new OpenIdConnectOptions { AuthenticationScheme = "oidc", SignInScheme = "Cookies", Authority = "http://localhost:5000", RequireHttpsMetadata = false, ClientId = "mvc", ClientSecret = "secret", ResponseType = "code id_token", Scope = { "api1", "offline_access" },

I am using an OpenId Connect Authentication Server , specifically Identity Server 4 (version 1.5.2) on .NET Core 1.1. I have this running with ASP.NET Framework MVC 5 and ASP.NET Core 1.1 MVC web applications. The following configuration is from a .NET Core 1.1 web application: public void Configure( IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory) { app.UseDeveloperExceptionPage(); app.UseStatusCodePages(); app.UseRewriter(new RewriteOptions().AddRedirectToHttps()); app.UseStaticFiles(); #region Configure Authentication JwtSecurityTokenHandler

I'm trying to connect an ASP.NET application to Salesforce using OpenId, Currently this is my connecting code so far. I think I got everything except the redirect_uri parameter, which has to match the value on the other end exactly. app.UseCookieAuthentication(x => { x.AutomaticAuthenticate = true; x.CookieName = "MyApp"; x.CookieSecure = CookieSecureOption.Always; x.AuthenticationScheme = "Cookies"; }); JwtSecurityTokenHandler.DefaultInboundClaimTypeMap = new Dictionary<string, string>(); app.UseOpenIdConnectAuthentication(x => { x.AutomaticAuthenticate = true; x.Authority = "https://login

In my implementation I am using OpenID-Connect Server (Identity Server v3+) to authenticate Asp.net MVC 5 app (with AngularJS front-end) I am planning to use OID Code flow (with Scope Open_ID) to authenticate the client (RP). For the OpenID connect middle-ware, I am using OWIN (Katana Project) components. Before the implementation, I want to understand back-channel token request, refresh token request process, etc using OWIN.. But I am unable to find any documentation for this type of implementation (most of the available examples use Implicit flow). I could find samples for generic Code flow

I'm looking for OpenID Connect (OIDC) Relying Party lightweight library that will have these routines implemented. Compose "Authentication Request" Validate "id_token" signature (including downloading certificate from metadata endpoint) Parse "id_token" JWT The only OIDC flow to be supported is so called " implicit flow " where server answers with "id_token" (and "access_token" if requested) right from authorization endpoint ( spec link ). Searching over NuGet repository seems to yield the only suitable option - OWIN middleware, and even though I can confirm it works, it would be better to

I try to get OpenID Connect running... A user of my Web API managed to get an Authorization Code of a OpenID Connect Provider. How am I supposed to pass this code to my ASP.NET Web API? How do I have to configure OWIN Middleware such that I can get an Access Token using the Authorization Code? UPDATE: A SPA uses AJAX for communicating with my web service (ASP.NET Web API). In my web service a use OWIN Middleware. I set OpenIDConnect as the authentication mechanism. When the web service is called for the first time it successfully redirected the user to the login page of the OpenID Connect