Stack Overflow
Stack Overflow

Questions tagged [openiddict]

Versatile OpenID Connect stack for ASP.NET Core and Microsoft.Owin (compatible with ASP.NET 4.6.1). For official support, please visit https://github.com/openiddict/openiddict-core/issues/new/choose.

OpenIddict aims at providing a versatile solution to implement an OpenID Connect server and token validation in any ASP.NET Core 2.1, 3.1 and 5.0 application, and starting in OpenIddict 3.0, any ASP.NET 4.x application using Microsoft.Owin too.

For official support, please visit https://github.com/openiddict/openiddict-core/issues/new/choose.

442 questions
7
votes
2 answers

ASP.NET Core 1.0 OAuth Server using Openiddict

I would like to use Openiddict OAuth to protect api endpoints in my ASP.NET Core 1.0 Web Application. The api endpoints will be called by a phone app and users must login with username and password. The flow goes like this: User can register and…
user2818430
  • 5,853
  • 21
  • 82
  • 148
6
votes
3 answers

OpenId Connect renew access_token in SPA

Trying to implement OpenId Connect in Web Application consisting of following components Identity Provider Resource server Single Page Application acting as Client. Identity Provider and Resource Server are the same application. SPA use Password…
tchelidze
  • 8,050
  • 1
  • 29
  • 49
6
votes
1 answer

Openiddict introspect not working (The access token is not valid.)

I have 3 projects 1- SPA, 2- Web API Project, 3- Identity (setup using openiddict, ASP.NET Core 2.0 (OpenIddict.dll version 2.0.0.-rc2-0854) with EF Core. API and Identity Server run successfully, can get the jwt token but, when I try to get value…
Satish
  • 99
  • 1
  • 9
5
votes
2 answers

ABP Framework HttpApi.Host failure in K8S deployment with nginx reverse proxy

I have deployed the ABP framework in a Kubernetes cluster. Following deployments are present: Redis MSSql AuthServer HttpApi.Host Nginx ingress / reverse proxy with https termination, no encryption within the cluster. Hence, the AuthServer,…
kungcc
  • 1,832
  • 5
  • 25
  • 48
5
votes
1 answer

Response type is not valid

I am using openidict and oidc-client authentication, services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme) .AddCookie(CookieAuthenticationDefaults.AuthenticationScheme, options => { options.LoginPath =…
Msr Devadiga
  • 51
  • 3
5
votes
0 answers

How to invalidate/logout refresh and access tokens with OpenIddict (using memory database)

I am having a .NET Core 2.1 Web API project using OpenIddict. TLDR: Following the example given here, I need the sample for performing the logout request to invalidate/logout the refresh token and the access token for one user. LONG VERSION: It…
iquellis
  • 979
  • 1
  • 8
  • 26
5
votes
1 answer

Angular & Asp.Net Core - Enable 2 Factor Authentication

I have a single page application written in angular 7 which communicates with my ASP.Net Core 2.2 Web API server. On login, the user sends his credentials to my authorization server (connect/token) using "resource owner password credentials" grant.…
Tal Humy
  • 1,197
  • 1
  • 18
  • 41
5
votes
1 answer

OpenIdDict in ASP.NET 4.5 or alternative frameworks?

In an old project we used ASP.NET 4.5 and I would like to use the Framework OpenIdDict in it. It's made vor ASP.NET Core 1 and 2. Can I still use it? What do I have to pay attention to? If I can't use that, which alternatives do you know? Link to…
dafna
  • 893
  • 2
  • 10
  • 21
5
votes
0 answers

openiddict, angular, which flow type to use (without auth server redirect page)

I'm new to oauth2 and openid connect, so, many concepts are still obscure for me - and I'm here for advice I'm planning to build a web app with the following components: SPA with angular web API with asp.net core 2.x auth server (separate - not in…
Saif
  • 502
  • 5
  • 15
5
votes
2 answers

Do not receive refresh token with OpenIddict

I have a web api project based on .net core 2.0. I followed pretty much the very good example on http://kevinchalet.com/2017/01/30/implementing-simple-token-authentication-in-aspnet-core-with-openiddict/. The code that returns the SignIn() result…
iquellis
  • 979
  • 1
  • 8
  • 26
5
votes
2 answers

.net core - Jwt middleware authentication signing key being ignored

I am using openiddict which is configured to to use json web tokens: // Add authentication services.AddAuthentication(); // Add OpenId Connect/OAuth2 services.AddOpenIddict() .AddEntityFrameworkCoreStores() …
adnan kamili
  • 8,967
  • 7
  • 65
  • 125
5
votes
1 answer

OpenIddict Get User Id in the token Response

Using ASP.NET Core with OpenIddict password grant. When calling an authentication end point, I am getting this: { "token_type": "Bearer", "access_token": "eyJhbGciOiJ...", "expires_in": 1800 } How can I include the user id in the response? I…
Adam
  • 3,872
  • 6
  • 36
  • 66
5
votes
1 answer

Claims Based Authentication with OpenId Connect

I am using ASP.NET Core with OpenIddict, JWT, Resource Owner Grant and claims-based role. Authorization without enforcing any policy is working as expected. I want to enforce authorisation policies on some controllers and action methods. All my…
Adam
  • 3,872
  • 6
  • 36
  • 66
4
votes
1 answer

Can't authorize swagger through my Authorization Server using OIDC

I'm using Swashbuckle configured as services.AddSwaggerGen(c => { c.SwaggerDoc("v2", new OpenApiInfo { Title = "API", Version = "v2" }); c.AddSecurityDefinition("OpenId", new OpenApiSecurityScheme { Type =…
anatol
  • 1,680
  • 2
  • 24
  • 47
4
votes
2 answers

How do I configure SwaggerGen with OpenIddict parameters for client credentials grant?

I'm trying to figure out how I can configure SwaggerGen to populate/display the fields/parameters for OpenIddict and client credentials grant. services.AddDbContext(options => { …
tnk479
  • 672
  • 11
  • 26
1
2
3
29 30