Stack Overflow
Stack Overflow

Questions tagged [openiddict]

Versatile OpenID Connect stack for ASP.NET Core and Microsoft.Owin (compatible with ASP.NET 4.6.1). For official support, please visit https://github.com/openiddict/openiddict-core/issues/new/choose.

OpenIddict aims at providing a versatile solution to implement an OpenID Connect server and token validation in any ASP.NET Core 2.1, 3.1 and 5.0 application, and starting in OpenIddict 3.0, any ASP.NET 4.x application using Microsoft.Owin too.

For official support, please visit https://github.com/openiddict/openiddict-core/issues/new/choose.

442 questions
0
votes
1 answer

Openiddict returning 404 instead of 401 for unauthorized web api calls (core 2.0)

I've setup openiddict in a .net core 2.0 web api and have the code and password flows working. I have test cases to ensure locked down actions in the API get refused when the requestor is not authorized which looks for a 401 status code. When…
Geekn
  • 2,650
  • 5
  • 40
  • 80
0
votes
1 answer

OpenIddict get token_id before response

[AllowAnonymous] [HttpPost("~/api/auth/login")] [Produces("application/json")] public async Task Login(OpenIdConnectRequest request) { ... var ticket = await CreateTicketAsync(request, user); …
Ahmet Sancar
  • 65
  • 4
0
votes
1 answer

Openiddict guidance related to external login

I have a mobile app that talks to a backend web API (core 2.0). Presently I have the API configured to use Opendidict with Facebook integration based on the configuration listed below. public static IServiceCollection AddAuthentication(this…
Geekn
  • 2,650
  • 5
  • 40
  • 80
0
votes
1 answer

OpenIddict: How to manually check access token and get identity

I am using OpenIddict for authentication/authorization. I need to manually check access token and get user (ClaimsPrincipal) behind that token. How? Use case: I am using SignalR. On every method call from client I would like to check if user is…
Makla
  • 9,899
  • 16
  • 72
  • 142
0
votes
1 answer

JWT authentication in SignalR Core from Angular

The post is almost duplicate as this question, but I am using new SignalRCore (1.0.0 alpha2). In my .NET Core 2.0 I use OpenIddict to authenticate user on…
Makla
  • 9,899
  • 16
  • 72
  • 142
0
votes
1 answer

ASP.NET Core SignIn(Principal, Properties, AuthenticationScheme) is throwing An authorization or token response cannot be returned from this endpoint

The current follow of my application is that I'm getting access-token from the front-end then using that token my backend is calling the External-Login provider to conform the user identity and retrieve the extra information-from the login…
Bipn Paul
  • 1,415
  • 2
  • 14
  • 24
0
votes
1 answer

After updating ASP.NET Core 1.1 to ASP.NET Core 2.0 ,Return statement SignIn(ticket.Principal, ticket.AuthenticationScheme);is giving 500 error

I recently updated my project to ASP.NET core 2.0 from ASP.NET core 1.1 .I'm using openiddict for authentication. This is my controller which is responsible for request/response. [HttpPost("token")] public async Task
Bipn Paul
  • 1,415
  • 2
  • 14
  • 24
0
votes
1 answer

Openiddict implicitflow premature token expiration

My openiddict config is as services.AddOpenIddict(options => { options.AddEntityFrameworkCoreStores(); options.AddMvcBinders(); options.EnableAuthorizationEndpoint("/connect/authorize") …
user5490729
0
votes
1 answer

Refresh token revocation after it was expired

I have a problem with revocation of "refresh token" after it was expired. I have a standard table "OpenIddict Tokens" where openiddict stores tokens. In Startup class where I configure OpenIddict, I…
Viacheslav Yankov
  • 988
  • 10
  • 19
0
votes
1 answer

Share Keys on Multiple Apps on Azure

We're facing a problem is that we want to install the same ASP.Net Core WebApp in multiple locations and route users using traffic managers but if we do that, we get issues because the authentication tokens get stored in one server and the user may…
Techy
  • 2,026
  • 4
  • 20
  • 41
0
votes
0 answers

Openiddict. Unable to reach Accept(Deny) authorization endpoint for Authorization Code flow

I use the Openiddict library for OAuth2 authentification on the server side. We use Asp.Net Core - server side, Angular 2 - client side. After processed Authorize request, the server redirects to the following URL with user confirmation form. See…
shkapo
  • 591
  • 1
  • 5
  • 8
0
votes
1 answer

How to Generate AccessToken for user who is logged in with External Providers

I have an API implemented by asp.net core. I've used OpenIddict to generate access token and refresh token for users who registered to my api by email and password. I've added Google middleware (.UseGoogleAuthentication ... ) to my API and I can…
Hesam Kashefi
  • 620
  • 8
  • 15
0
votes
1 answer

ASP.NET Core Permissions

I am lost in all options that is possible for managing what a user can do and what a user can not do. I started with Roles: [Authorize(Roles = Constants.Roles.ModeratorAndUp)]. Where ModeratorAndUp is string "Moderators, Administrators". But I need…
Makla
  • 9,899
  • 16
  • 72
  • 142
0
votes
1 answer

Openiddict multiple refresh tokens

How do you create custom provider for openiddict in Asp.net core to allow multiple refresh tokens? This way if the user logs in from their computer and then goes home and logs in on their phone, they don't have to login each time they get on to a…
user1779362
  • 1,012
  • 1
  • 12
  • 29
0
votes
1 answer

JWT Authentication / Authorization with Angular and MVC Core

I'm working on an Angular SPA using ASP.NET MVC core as the backend API and i'm having a lot of trouble getting my JWT authentication to work correctly. I am using Openiddict as my JWT Middleware to issue tokens. I can successfully send a token…
user501211
  • 435
  • 1
  • 5
  • 14
1 2 3
29
30