Stack Overflow
Stack Overflow

Questions tagged [identityserver3]

OpenID Connect Provider and OAuth 2.0 Authorization Server Framework based on Katana.

IdentityServer 3 (IdSrv3) is a .NET/Katana-based framework and hostable component that allows implementing single sign-on and access control for modern web applications and APIs using protocols like OpenID Connect and OAuth2. It supports a wide range of clients like mobile, web, SPAs and desktop applications and is extensible to allow integration in new and existing architectures.

1321 questions
7
votes
3 answers

Identity Server - Identity/Resource scope - How can client get resource claims about the user

I have read Dominik's blog post on authentication vs permission modeling using Identity Server (https://leastprivilege.com/2016/12/16/identity-vs-permissions/). Since I am mostly using role based authorization, I am fine using IdentityServer as…
sharppanda
  • 81
  • 1
  • 7
7
votes
2 answers

Too many OpenID.nonce cookies cause "Bad Request"

I have already gone through links here, here and here which are related to issue I am having. I have Silverlight application using IdentiServer3 for authentication and I started having this issue just now when I implemented log out functionality.…
LP13
  • 30,567
  • 53
  • 217
  • 400
7
votes
0 answers

Oidc-client: how to use signoutPopup method properly

I'm wondering how to logout properly through the oidc-client UserManager signoutPopup method, without throwing an error when the user closes the popup window? I'm calling UserManager's signoutPopup method and a popup window opens telling me that…
Psybot
  • 73
  • 5
7
votes
1 answer

Identity Server 3 refresh token expires before its expiration period set in the client configuration

I am using Authorization Code flow for one of my Identity Server 3 clients and it is configured as follows: ClientId = "tripgalleryauthcode", ClientName = "Trip Gallery", Flow = Flows.AuthorizationCode, AllowAccessToAllScopes = true, RequireConsent…
user2128702
  • 2,059
  • 2
  • 29
  • 74
7
votes
1 answer

Identity Server 3 Facebook Login Get Email

Identity server is implemented and working well. Google login is working and is returning several claims including email. Facebook login is working, and my app is live and requests email permissions when a new user logs in. The problem is that I…
Ryan
  • 970
  • 15
  • 36
7
votes
1 answer

Identity Server + ionic + OpenID Hybrid flow

I can't find any example for this kinda solution. Is it doable ? In my knowledge, it should be, but I haven't seen anyone doing this. Any downside for this way ? Thanks !
maxisam
  • 21,975
  • 9
  • 75
  • 84
7
votes
1 answer

Identity Server and web api for user management

I'm using Identity Server3 for my project, I currently have a website and api being protected by the Id server, this is working fine however because I'm storing the users in the Id Server database I can't really change any user's data from the…
General Electric
  • 1,176
  • 3
  • 21
  • 44
7
votes
0 answers

IdentityServer UserService.IsActive Impersonation Redirect Loop

I have implemented IsActive inside my custom user service and one of the steps that I do in that method is: check if the user has any roles for the requested client. If user has no roles IsActive will return false. This works well for regular…
Eugene S.
  • 3,256
  • 1
  • 25
  • 36
7
votes
2 answers

Azure AD federated logout not redirecting to client application

I am using Identity Server 3 for a central authentication server to a .Net MVC web application I am building. I have configured the authentication server to use the Open ID Connect identity provider in order to allow users to authenticate against a…
Steve
  • 9,335
  • 10
  • 49
  • 81
7
votes
1 answer

Setting up IdentityServer wtih Asp.Net MVC Application

I apologize in advance for asking this as I have next to no knowledge of security in general and IdentityServer in particular. I am trying to set up IdentityServer to manage security for an Asp.Net MVC application. I am following the tutorial on…
Locust5304
  • 473
  • 1
  • 9
  • 21
7
votes
1 answer

thinktecture identityserver v3

Trying to use Thinctecture identityserver v3 as a simple sts for multiple mvc applications. I'm able to walk through the sample applications provided and the run fine but they all use embedded identityserver. I need the identityserver to be a…
Aaron792000
  • 71
  • 1
  • 2
6
votes
3 answers

Identity Server - Add custom parameters to the JSON response from the Token Endpoint

I’ve a requirement to add custom members in the token response of the Identity Server Token Endpoint. Sample expected response: { "access_token": "XXXXXXXXXXXXXXX", "token_type": "bearer", "expires_in": 3600, "scope": "patient/Observation.read…
vishak os
  • 91
  • 5
6
votes
0 answers

Redirect Loop During Login with Implicit Flow in OpenId Connect Middleware

On server I have Identity Server 3 Identity Server. On client side, I have UseOpenIdConnectAuthentication. This is working great. But suddenly after some times when user successfully logged in at my identity server, the redirection starts looping…
Imran Qadir Baksh - Baloch
  • 32,612
  • 68
  • 179
  • 322
6
votes
2 answers

How to enable sliding expiration in IdentityServer

I am using IdentityServer3 for authentication and I have ASP.NET MVC application as Client. I want to setup sliding expiration of authentication cookie. So as long as user is actively doing something in client application he should be logged in. If…
LP13
  • 30,567
  • 53
  • 217
  • 400
6
votes
3 answers

How to get access token from Identity Server by passing username and password?

We are using identity server to generate access token for our web services. We have added swagger also. But the problem we faced is, to generate an access token by using a code snippet for API automation. Is there any automated way to get access…
Osanda Deshan
  • 1,473
  • 3
  • 14
  • 30
1 2 3
87 88