0

I need help regarding Identity Server on the following:

  1. Do reference tokens use Signing Certificate?
  2. On http://localhost application is working fine, on binding to a public URL with https, the login call returns a token, but consecutive WebApi(client) calls return "401 - Authorization has been denied for this request". Is it because of SSL certificate or due to NLB (two different Identity servers are deployed on the backend) - I am using Entity framework for storing the reference tokens. Do multi domain SSL certificate (SAN) work fine for Identity Server?
  3. Do I need to add machine keys on both Identity server config files to sync or is this requirement only for JWT approach?

Thanks.

zeppelin
  • 451
  • 1
  • 4
  • 24
  • Infact, the website on https ://localhost is also behaving the same way. What could be the problem here? Any idea? – zeppelin Aug 01 '17 at 15:34
  • I have enabled logging on Identity Server, but 401 error is not getting logged in the logfile, maybe it is thrown from webapi, do i have to enable logging there as well? – zeppelin Aug 01 '17 at 17:09

0 Answers0