Questions tagged [openiddict]

Versatile OpenID Connect stack for ASP.NET Core and Microsoft.Owin (compatible with ASP.NET 4.6.1). For official support, please visit https://github.com/openiddict/openiddict-core/issues/new/choose.

OpenIddict aims at providing a versatile solution to implement an OpenID Connect server and token validation in any ASP.NET Core 2.1, 3.1 and 5.0 application, and starting in OpenIddict 3.0, any ASP.NET 4.x application using Microsoft.Owin too.

For official support, please visit https://github.com/openiddict/openiddict-core/issues/new/choose.

442 questions
4
votes
1 answer

Custom flow - delegation

I was wondering if it is possible to implement with openiddict a delegation grant type similar to the one implemented here with Identity Server. var result = await _validator.ValidateAccessTokenAsync(userToken); if (result.IsError) { …
Pedro Faustino
  • 227
  • 3
  • 14
4
votes
1 answer

Client Credentials flow: Problem understanding the whole setup

I'm currently trying to setup an OpenIddict based AuthServer for my company. I'm currently struggling with accessing a secured endpoint from one of my test APIs. Desired solution in the future What I want to achieve in the long run: A centralized…
MiHo
  • 170
  • 7
4
votes
1 answer

OpenIddict Decryption of key failure

As the title says, getting an: "IDX10609: Decryption failed. No Keys tried: token: 'System.String'." Error when trying to authenticate. Using Openiddict for the auth server. I'm sure I've got something configured wrong within it or the api server…
freshsmoe
  • 179
  • 1
  • 14
4
votes
1 answer

How to properly validate OpenIddict JWT access_token in API?

I'm trying to implement an identity server based on OpenIddict. The use case we have is one large javascript application that needs to authenticate users to multiple back-end APIs. The javascript application gets a token from a dedicated OpenIddict…
wjm03
  • 191
  • 2
  • 7
4
votes
1 answer

AspNet.Security.OpenIdConnect.Server Token Revocation and Logout is not working

I have configured both revoke and logout end points as mentioned below. .AddOpenIdConnectServer(options => { options.LogoutEndpointPath = "/logout"; options.RevocationEndpointPath = "/revoke"; } But both are not working Token revocation is…
4
votes
1 answer

Setting up custom scope for OpenIddict MVC Core 2.0

I am fairly new to OpenId and auth in MVC and creating an OpenIddict auth server and client mvc app as shown in the authorization code flow sample. https://github.com/openiddict/openiddict-samples I need to add companyId from my application user to…
Henrik Poulsen
  • 215
  • 2
  • 12
4
votes
1 answer

Hosting ASOS with TestServer

I have an OpenIdDict authentication server which is based on AspNet.Security.OpenIdConnect.Server. The setup works as expected. Now to do some in process integration;system tests which span the whole backend architecture I use the TestServer class.…
4
votes
2 answers

OpenIddict: 401 errors when two or more service instance count

I have a .NET Core application with Angular2 UI running in a Service Fabric Cluster that I secured using OpenIddict. I followed this example: https://github.com/openiddict/openiddict-samples/tree/master/samples/RefreshFlow It works great when I only…
Per
  • 491
  • 6
  • 19
4
votes
3 answers

IdentityServer 4 or OpenIddict?

Which one of these would be the easiest to setup server-to-server JWT on? I already have an existing JWT token do I need to setup an entire server just to pass through the token? I have a requirement use-case to create a client for a web API hosted…
webdev8183
  • 153
  • 2
  • 4
  • 16
4
votes
1 answer

ASP.NET Core Openiddict throws "An OpenID Connect response cannot be returned from this endpoint"

I follow instruction in openiddict server example using password flow from https://github.com/openiddict/openiddict-samples/tree/master/samples/PasswordFlow but have no success. It throws InvalidOperationException: An OpenID Connect response cannot…
trinvh
  • 1,500
  • 2
  • 11
  • 20
4
votes
1 answer

Revoke All Refresh Tokens of User

I'm using password grant flow, with asp.net Identity. I want to kill all refresh token for a user, every time a login its executed. I need this to kill its "session" even when he sign in with a different device, like other pc, or smartphone. So, how…
Jedi31
  • 735
  • 1
  • 6
  • 22
4
votes
3 answers

SqlException: Invalid object name 'OpenIddictTokens'

When I try to login I get error: An unhandled exception occurred while processing the request. SqlException: Invalid object name 'OpenIddictTokens'. System.Data.SqlClient.SqlCommand+<>c.b__107_0(Task result) DbUpdateException: An error occurred…
Makla
  • 9,899
  • 16
  • 72
  • 142
4
votes
1 answer

The type or namespace name 'OpenIddictDbContext<,,>' could not be found

I have a problem. I opened my project this morning and got the error: The type or namespace name 'OpenIddictDbContext<,,>' could not be found (are you missing a using directive or an assembly reference?) [netcoreapp1.1] This error occurred when I…
hxwtch
  • 135
  • 3
  • 14
4
votes
3 answers

How can I add custom claims to be returned when requesting a token using OpenIddict?

I'm building ASP.NET Core 1.1 app (cross platform) and trying (using this sample) to add custom claims to the returned access_token when requesting /connect/token endpoint. What I need is to not only return the claims serialized in the access_token…
Dabbas
  • 3,112
  • 7
  • 42
  • 75
3
votes
1 answer

OpenIddict, after restarting auth server the tokens are invalidated

I have the following set up: Authorization server (.NET 6 with MVC, port 7000), Client (.NET 6 with MVC, port 7001), Resource Server (.NET 6 API, port 7002). Authorization server set up: builder.Services.AddAuthentication() .AddGoogle(options => …
Andriy
  • 362
  • 3
  • 16
1 2
3
29 30