Stack Overflow
Stack Overflow

Questions tagged [openiddict]

Versatile OpenID Connect stack for ASP.NET Core and Microsoft.Owin (compatible with ASP.NET 4.6.1). For official support, please visit https://github.com/openiddict/openiddict-core/issues/new/choose.

OpenIddict aims at providing a versatile solution to implement an OpenID Connect server and token validation in any ASP.NET Core 2.1, 3.1 and 5.0 application, and starting in OpenIddict 3.0, any ASP.NET 4.x application using Microsoft.Owin too.

For official support, please visit https://github.com/openiddict/openiddict-core/issues/new/choose.

442 questions
3
votes
1 answer

Accessing authentication ticket information when using openiddict

Is there any way I can access the auth ticket info set on the auth server when it is separate from the resource server? On the auth server I can access all the ticket properties I set using var authInfo = await…
Robert Campbell
  • 33
  • 4
3
votes
1 answer

Social authentication in Web Api Core

ASP.NET Core has integrated support for Google, Facebook and Twitter authentication. This msdn article covers it pretty well. But it seems like it works only for MVC but for Web Api you have to implement a lot of stuff on your own. Thanks to…
SiberianGuy
  • 24,674
  • 56
  • 152
  • 266
3
votes
1 answer

ASP.NET core indentity error: Entity type 'AppUserLogin' is defined with a single key property, but 2 values were passed to the 'DbSet.Find' method

I override Identity classes: [Table("Roles")] public partial class AppRole : IdentityRole { } [Table("RoleClaims")] public partial class AppRoleClaim : IdentityRoleClaim { } …
Makla
  • 9,899
  • 16
  • 72
  • 142
3
votes
1 answer

Rich Twitter Digits/Google Auth with OpenIdDictServer

Our app requires sign-in by either mobile number or Google. We are planning to Twitter Digits for mobile number authentication. The flow of registration and authentication as I understand is as below: Mobile app does rich authentication with…
Abhijit Ajmera
  • 235
  • 2
  • 12
3
votes
1 answer

Unable to request a token, request fields empty

I'm trying to create an API for an SPA. I'm using the latest .NET Core, MVC and EF. I'd like to authenticate users using JWT, so I decided to use openiddict core. I've tried setting it up according to the examples at the github page and this blog…
Jan Kalfus
  • 5,422
  • 2
  • 30
  • 38
3
votes
1 answer

Make the User.Identity include the email address from the access token payload

We are using OAuth via introspection to validate access tokens. app.UseOAuthIntrospection(options => { options.AutomaticAuthenticate = true; options.AutomaticChallenge = true; options.Authority = "http://localhost:12345/"; …
Shaun Luttin
  • 133,272
  • 81
  • 405
  • 467
3
votes
2 answers

Register multiple RedirectUris

Sometimes a client has more than one redirect uri. We want to be able to register multiple RedirectUri values. How, if at all, do we do that? context.Applications.Add(new OpenIddictApplication { ClientId = "zamboni-app", ClientSecret =…
Shaun Luttin
  • 133,272
  • 81
  • 405
  • 467
3
votes
1 answer

OpenIddict with two-factor authentication

Well the title pretty much explains it all, but here is what I am trying to do: I am working on an ASP.NET Core 1.0 application that needs to support authentication with JWT. This is very easily done with OpenIddict, but OpenIddict is one of those…
larzz11
  • 1,022
  • 2
  • 11
  • 24
3
votes
2 answers

JWT token not validating on remote server , Unable to match 'kid' Errror

I am using asp.net core with openiddict , for authorization i am using jwtmiddleware app.UseJwtBearerAuthentication(new JwtBearerOptions { AutomaticAuthenticate = true, AutomaticChallenge = true, …
noobProgrammer
  • 2,884
  • 3
  • 17
  • 20
2
votes
0 answers

Openiddict 4.2.0 upgrade causes missing audience in access_token but works with 3.0.3

We have an application that uses openiddict 3.0.3 with .net 5.0. Now, we are upgrading to .net 7.0 and wanted to upgrade openiddict to 4.2.0 but unfornately it doesn't work. We found the access_token doesn't contain the audience property. The…
Rashed
  • 21
  • 2
2
votes
1 answer

OpenidDict 4.0 + MSAL.js fails for Code flow + PKCE due to sending scopes

Problem Openididct v4 started declining the PKCE's Access Token request (RFC 7636, when the client exchanges the authorization code) if the client passes scopes (ref to the line in the code enforcing it). It wasn't the case for v3.x However, the…
Alex Klaus
  • 8,168
  • 8
  • 71
  • 87
2
votes
0 answers

OpenIddict using resource server 401 Error: Requires an authenticated User

I'm passing a token with the authorization: bearer {token} header. The {token} was just issued by the OpenIddict server which is using DataProtection() to create reference tokens. The resource server is setup like this: services.AddOpenIddict() …
James Hancock
  • 3,348
  • 5
  • 34
  • 59
2
votes
1 answer

How to use OpenIddict AuthServer and Web API in same project

I've built an OpenIddict OAuth server using the marvelous guide by Robin van der Knaap although I've actually implemented it using Identity instead of cookies. I'm also trying to run a Web API from the same project because the end customer only…
tappetyclick
  • 472
  • 2
  • 14
2
votes
1 answer

OWIN Authentication, Authorization code migration from .net framework to .net 6 (Token based Authentication)

We have implemented OWIN Authorization to our Web Api's in .Net framework project. Now we are migrating this to .Net6. It seems in .net6/.net core owin authentication is not supported. I don't find any documentation around this. It seems…
Mahesh Vennapusa
  • 35
  • 5
2
votes
0 answers

OpenIdDict: dynamic signing certificate update

I want to implement a dynamic signing certificate update. If I create BackgroundService which will inject OpenIddictServerOptions and update SigningCredentials and TokenValidationParameters with information about new certificate, will it be correct?…
Тимур Муталлапов
  • 21
  • 2
1 2 3
29 30