Use IdentityServer3.AccessTokenValidation in ASP.Net web api to talk to IDS4












0















We have setup Identity server 4 with .Net Core 2.1. We have ASP.Net Web API on .Net 4.6. This cannot be migrated to Core. I have installed IdentityServer3.AccessTokenValidation in this API project together with OWN and other neeeded packages. I can use a client and get the access token from the IdentityServer. When the client uses that token with the API, I get 401. I have searched the web for solutions but cannot find anything that I can use to make this work.
I tried this - https://github.com/IdentityServer/IdentityServer3.AccessTokenValidation/issues/164
but did not work. I cannot find any samples.
So my question is is it not possible to use IdentityServer3.AccessTokenValidation to talk to IDS4?



Do I need to setup IDS3 instead?



UPDATE



I turned on verbose logging and got the following



Microsoft.AspNetCore.Hosting.Internal.WebHost:Information: Request starting HTTP/1.1 POST http://localhost:44333/connect/introspect application/x-www-form-urlencoded 70
IdentityServer4.Hosting.IdentityServerMiddleware:Information: Invoking IdentityServer endpoint: IdentityServer4.Endpoints.IntrospectionEndpoint for /connect/introspect
IdentityServer4.Validation.ApiSecretValidator:Error: API validation failed.
IdentityServer4.Endpoints.IntrospectionEndpoint:Error: API unauthorized to call introspection endpoint. aborting.
Microsoft.AspNetCore.Hosting.Internal.WebHost:Information: Request finished in 26.5186ms 401
Microsoft.AspNetCore.Server.Kestrel:Information: Connection id "0HLIJ2C0UKBLN", Request id "0HLIJ2C0UKBLN:00000008": the application completed without reading the entire request body.


Below is my API code in Configuration method



        var config = new HttpConfiguration();
config.MapHttpAttributeRoutes();

app.UseIdentityServerBearerTokenAuthentication(new IdentityServerBearerTokenAuthenticationOptions
{
Authority = "https://localhost:44333",
RequiredScopes = new { "api" },

ClientId = "api",
ClientSecret = "secret",

//DelayLoadMetadata = true
});

app.UseWebApi(config);


Code on IDS4 side for the ApiResource.



    public static IEnumerable<ApiResource> GetApiResources()
{
return new List<ApiResource>
{
new ApiResource("api", "MyApi") { ApiSecrets = { new Secret("secret".Sha256()) } }
};
}


UPDATE 2



Yes I have enabled Trace. After bit more of playing around with the code and reinstalling the packages, I now get a different error.Request is made to /connect/accesstokenvalidation. This endpoint is not available in IDS4



Microsoft.AspNetCore.Hosting.Internal.WebHost:Information: Request starting HTTP/1.1 POST http://localhost:44333/connect/accesstokenvalidation application/x-www-form-urlencoded 70
Microsoft.AspNetCore.Hosting.Internal.WebHost:Information: Request finished in 3.405ms 404
Microsoft.AspNetCore.Server.Kestrel:Information: Connection id "0HLIJ9RBG591K", Request id "0HLIJ9RBG591K:0000000A": the application completed without reading the entire request body.










share|improve this question

























  • There is no reason why it won't work. IDS3 or 4 both using the same protocol. You must have something configured wrong. To debug, create a console client app and use that to access IDS4.

    – Rosdi Kasim
    Nov 25 '18 at 7:25











  • Have you got any samples? I am able to get the access code from IDS4 using a client. However, when the client talks to the API using the token, it does not work. I did try to create ASP.Net Web API Core which worked with IdentityServer4.AccessTokenValidation. However in my case I cannot have ASP.NET Core for the API prject

    – Amitesh
    Nov 25 '18 at 8:10













  • Normally what I do, I would turn on verbose debug log in IDS4, you will likely find a clue in the log.

    – Rosdi Kasim
    Nov 25 '18 at 9:42











  • Please see update for the logs and code snippet

    – Amitesh
    Nov 25 '18 at 20:19













  • If I remove DelayLoadMetadata = true, I get the following error System.TypeLoadException: 'Could not load type 'Microsoft.Owin.Security.Jwt.IIssuerSecurityTokenProvider' from assembly 'Microsoft.Owin.Security.Jwt, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35'.'

    – Amitesh
    Nov 25 '18 at 22:27
















0















We have setup Identity server 4 with .Net Core 2.1. We have ASP.Net Web API on .Net 4.6. This cannot be migrated to Core. I have installed IdentityServer3.AccessTokenValidation in this API project together with OWN and other neeeded packages. I can use a client and get the access token from the IdentityServer. When the client uses that token with the API, I get 401. I have searched the web for solutions but cannot find anything that I can use to make this work.
I tried this - https://github.com/IdentityServer/IdentityServer3.AccessTokenValidation/issues/164
but did not work. I cannot find any samples.
So my question is is it not possible to use IdentityServer3.AccessTokenValidation to talk to IDS4?



Do I need to setup IDS3 instead?



UPDATE



I turned on verbose logging and got the following



Microsoft.AspNetCore.Hosting.Internal.WebHost:Information: Request starting HTTP/1.1 POST http://localhost:44333/connect/introspect application/x-www-form-urlencoded 70
IdentityServer4.Hosting.IdentityServerMiddleware:Information: Invoking IdentityServer endpoint: IdentityServer4.Endpoints.IntrospectionEndpoint for /connect/introspect
IdentityServer4.Validation.ApiSecretValidator:Error: API validation failed.
IdentityServer4.Endpoints.IntrospectionEndpoint:Error: API unauthorized to call introspection endpoint. aborting.
Microsoft.AspNetCore.Hosting.Internal.WebHost:Information: Request finished in 26.5186ms 401
Microsoft.AspNetCore.Server.Kestrel:Information: Connection id "0HLIJ2C0UKBLN", Request id "0HLIJ2C0UKBLN:00000008": the application completed without reading the entire request body.


Below is my API code in Configuration method



        var config = new HttpConfiguration();
config.MapHttpAttributeRoutes();

app.UseIdentityServerBearerTokenAuthentication(new IdentityServerBearerTokenAuthenticationOptions
{
Authority = "https://localhost:44333",
RequiredScopes = new { "api" },

ClientId = "api",
ClientSecret = "secret",

//DelayLoadMetadata = true
});

app.UseWebApi(config);


Code on IDS4 side for the ApiResource.



    public static IEnumerable<ApiResource> GetApiResources()
{
return new List<ApiResource>
{
new ApiResource("api", "MyApi") { ApiSecrets = { new Secret("secret".Sha256()) } }
};
}


UPDATE 2



Yes I have enabled Trace. After bit more of playing around with the code and reinstalling the packages, I now get a different error.Request is made to /connect/accesstokenvalidation. This endpoint is not available in IDS4



Microsoft.AspNetCore.Hosting.Internal.WebHost:Information: Request starting HTTP/1.1 POST http://localhost:44333/connect/accesstokenvalidation application/x-www-form-urlencoded 70
Microsoft.AspNetCore.Hosting.Internal.WebHost:Information: Request finished in 3.405ms 404
Microsoft.AspNetCore.Server.Kestrel:Information: Connection id "0HLIJ9RBG591K", Request id "0HLIJ9RBG591K:0000000A": the application completed without reading the entire request body.










share|improve this question

























  • There is no reason why it won't work. IDS3 or 4 both using the same protocol. You must have something configured wrong. To debug, create a console client app and use that to access IDS4.

    – Rosdi Kasim
    Nov 25 '18 at 7:25











  • Have you got any samples? I am able to get the access code from IDS4 using a client. However, when the client talks to the API using the token, it does not work. I did try to create ASP.Net Web API Core which worked with IdentityServer4.AccessTokenValidation. However in my case I cannot have ASP.NET Core for the API prject

    – Amitesh
    Nov 25 '18 at 8:10













  • Normally what I do, I would turn on verbose debug log in IDS4, you will likely find a clue in the log.

    – Rosdi Kasim
    Nov 25 '18 at 9:42











  • Please see update for the logs and code snippet

    – Amitesh
    Nov 25 '18 at 20:19













  • If I remove DelayLoadMetadata = true, I get the following error System.TypeLoadException: 'Could not load type 'Microsoft.Owin.Security.Jwt.IIssuerSecurityTokenProvider' from assembly 'Microsoft.Owin.Security.Jwt, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35'.'

    – Amitesh
    Nov 25 '18 at 22:27














0












0








0


0






We have setup Identity server 4 with .Net Core 2.1. We have ASP.Net Web API on .Net 4.6. This cannot be migrated to Core. I have installed IdentityServer3.AccessTokenValidation in this API project together with OWN and other neeeded packages. I can use a client and get the access token from the IdentityServer. When the client uses that token with the API, I get 401. I have searched the web for solutions but cannot find anything that I can use to make this work.
I tried this - https://github.com/IdentityServer/IdentityServer3.AccessTokenValidation/issues/164
but did not work. I cannot find any samples.
So my question is is it not possible to use IdentityServer3.AccessTokenValidation to talk to IDS4?



Do I need to setup IDS3 instead?



UPDATE



I turned on verbose logging and got the following



Microsoft.AspNetCore.Hosting.Internal.WebHost:Information: Request starting HTTP/1.1 POST http://localhost:44333/connect/introspect application/x-www-form-urlencoded 70
IdentityServer4.Hosting.IdentityServerMiddleware:Information: Invoking IdentityServer endpoint: IdentityServer4.Endpoints.IntrospectionEndpoint for /connect/introspect
IdentityServer4.Validation.ApiSecretValidator:Error: API validation failed.
IdentityServer4.Endpoints.IntrospectionEndpoint:Error: API unauthorized to call introspection endpoint. aborting.
Microsoft.AspNetCore.Hosting.Internal.WebHost:Information: Request finished in 26.5186ms 401
Microsoft.AspNetCore.Server.Kestrel:Information: Connection id "0HLIJ2C0UKBLN", Request id "0HLIJ2C0UKBLN:00000008": the application completed without reading the entire request body.


Below is my API code in Configuration method



        var config = new HttpConfiguration();
config.MapHttpAttributeRoutes();

app.UseIdentityServerBearerTokenAuthentication(new IdentityServerBearerTokenAuthenticationOptions
{
Authority = "https://localhost:44333",
RequiredScopes = new { "api" },

ClientId = "api",
ClientSecret = "secret",

//DelayLoadMetadata = true
});

app.UseWebApi(config);


Code on IDS4 side for the ApiResource.



    public static IEnumerable<ApiResource> GetApiResources()
{
return new List<ApiResource>
{
new ApiResource("api", "MyApi") { ApiSecrets = { new Secret("secret".Sha256()) } }
};
}


UPDATE 2



Yes I have enabled Trace. After bit more of playing around with the code and reinstalling the packages, I now get a different error.Request is made to /connect/accesstokenvalidation. This endpoint is not available in IDS4



Microsoft.AspNetCore.Hosting.Internal.WebHost:Information: Request starting HTTP/1.1 POST http://localhost:44333/connect/accesstokenvalidation application/x-www-form-urlencoded 70
Microsoft.AspNetCore.Hosting.Internal.WebHost:Information: Request finished in 3.405ms 404
Microsoft.AspNetCore.Server.Kestrel:Information: Connection id "0HLIJ9RBG591K", Request id "0HLIJ9RBG591K:0000000A": the application completed without reading the entire request body.










share|improve this question
















We have setup Identity server 4 with .Net Core 2.1. We have ASP.Net Web API on .Net 4.6. This cannot be migrated to Core. I have installed IdentityServer3.AccessTokenValidation in this API project together with OWN and other neeeded packages. I can use a client and get the access token from the IdentityServer. When the client uses that token with the API, I get 401. I have searched the web for solutions but cannot find anything that I can use to make this work.
I tried this - https://github.com/IdentityServer/IdentityServer3.AccessTokenValidation/issues/164
but did not work. I cannot find any samples.
So my question is is it not possible to use IdentityServer3.AccessTokenValidation to talk to IDS4?



Do I need to setup IDS3 instead?



UPDATE



I turned on verbose logging and got the following



Microsoft.AspNetCore.Hosting.Internal.WebHost:Information: Request starting HTTP/1.1 POST http://localhost:44333/connect/introspect application/x-www-form-urlencoded 70
IdentityServer4.Hosting.IdentityServerMiddleware:Information: Invoking IdentityServer endpoint: IdentityServer4.Endpoints.IntrospectionEndpoint for /connect/introspect
IdentityServer4.Validation.ApiSecretValidator:Error: API validation failed.
IdentityServer4.Endpoints.IntrospectionEndpoint:Error: API unauthorized to call introspection endpoint. aborting.
Microsoft.AspNetCore.Hosting.Internal.WebHost:Information: Request finished in 26.5186ms 401
Microsoft.AspNetCore.Server.Kestrel:Information: Connection id "0HLIJ2C0UKBLN", Request id "0HLIJ2C0UKBLN:00000008": the application completed without reading the entire request body.


Below is my API code in Configuration method



        var config = new HttpConfiguration();
config.MapHttpAttributeRoutes();

app.UseIdentityServerBearerTokenAuthentication(new IdentityServerBearerTokenAuthenticationOptions
{
Authority = "https://localhost:44333",
RequiredScopes = new { "api" },

ClientId = "api",
ClientSecret = "secret",

//DelayLoadMetadata = true
});

app.UseWebApi(config);


Code on IDS4 side for the ApiResource.



    public static IEnumerable<ApiResource> GetApiResources()
{
return new List<ApiResource>
{
new ApiResource("api", "MyApi") { ApiSecrets = { new Secret("secret".Sha256()) } }
};
}


UPDATE 2



Yes I have enabled Trace. After bit more of playing around with the code and reinstalling the packages, I now get a different error.Request is made to /connect/accesstokenvalidation. This endpoint is not available in IDS4



Microsoft.AspNetCore.Hosting.Internal.WebHost:Information: Request starting HTTP/1.1 POST http://localhost:44333/connect/accesstokenvalidation application/x-www-form-urlencoded 70
Microsoft.AspNetCore.Hosting.Internal.WebHost:Information: Request finished in 3.405ms 404
Microsoft.AspNetCore.Server.Kestrel:Information: Connection id "0HLIJ9RBG591K", Request id "0HLIJ9RBG591K:0000000A": the application completed without reading the entire request body.







asp.net-core asp.net-web-api2 identityserver4 identityserver3






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Nov 26 '18 at 4:36







Amitesh

















asked Nov 25 '18 at 7:21









AmiteshAmitesh

2371320




2371320













  • There is no reason why it won't work. IDS3 or 4 both using the same protocol. You must have something configured wrong. To debug, create a console client app and use that to access IDS4.

    – Rosdi Kasim
    Nov 25 '18 at 7:25











  • Have you got any samples? I am able to get the access code from IDS4 using a client. However, when the client talks to the API using the token, it does not work. I did try to create ASP.Net Web API Core which worked with IdentityServer4.AccessTokenValidation. However in my case I cannot have ASP.NET Core for the API prject

    – Amitesh
    Nov 25 '18 at 8:10













  • Normally what I do, I would turn on verbose debug log in IDS4, you will likely find a clue in the log.

    – Rosdi Kasim
    Nov 25 '18 at 9:42











  • Please see update for the logs and code snippet

    – Amitesh
    Nov 25 '18 at 20:19













  • If I remove DelayLoadMetadata = true, I get the following error System.TypeLoadException: 'Could not load type 'Microsoft.Owin.Security.Jwt.IIssuerSecurityTokenProvider' from assembly 'Microsoft.Owin.Security.Jwt, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35'.'

    – Amitesh
    Nov 25 '18 at 22:27



















  • There is no reason why it won't work. IDS3 or 4 both using the same protocol. You must have something configured wrong. To debug, create a console client app and use that to access IDS4.

    – Rosdi Kasim
    Nov 25 '18 at 7:25











  • Have you got any samples? I am able to get the access code from IDS4 using a client. However, when the client talks to the API using the token, it does not work. I did try to create ASP.Net Web API Core which worked with IdentityServer4.AccessTokenValidation. However in my case I cannot have ASP.NET Core for the API prject

    – Amitesh
    Nov 25 '18 at 8:10













  • Normally what I do, I would turn on verbose debug log in IDS4, you will likely find a clue in the log.

    – Rosdi Kasim
    Nov 25 '18 at 9:42











  • Please see update for the logs and code snippet

    – Amitesh
    Nov 25 '18 at 20:19













  • If I remove DelayLoadMetadata = true, I get the following error System.TypeLoadException: 'Could not load type 'Microsoft.Owin.Security.Jwt.IIssuerSecurityTokenProvider' from assembly 'Microsoft.Owin.Security.Jwt, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35'.'

    – Amitesh
    Nov 25 '18 at 22:27

















There is no reason why it won't work. IDS3 or 4 both using the same protocol. You must have something configured wrong. To debug, create a console client app and use that to access IDS4.

– Rosdi Kasim
Nov 25 '18 at 7:25





There is no reason why it won't work. IDS3 or 4 both using the same protocol. You must have something configured wrong. To debug, create a console client app and use that to access IDS4.

– Rosdi Kasim
Nov 25 '18 at 7:25













Have you got any samples? I am able to get the access code from IDS4 using a client. However, when the client talks to the API using the token, it does not work. I did try to create ASP.Net Web API Core which worked with IdentityServer4.AccessTokenValidation. However in my case I cannot have ASP.NET Core for the API prject

– Amitesh
Nov 25 '18 at 8:10







Have you got any samples? I am able to get the access code from IDS4 using a client. However, when the client talks to the API using the token, it does not work. I did try to create ASP.Net Web API Core which worked with IdentityServer4.AccessTokenValidation. However in my case I cannot have ASP.NET Core for the API prject

– Amitesh
Nov 25 '18 at 8:10















Normally what I do, I would turn on verbose debug log in IDS4, you will likely find a clue in the log.

– Rosdi Kasim
Nov 25 '18 at 9:42





Normally what I do, I would turn on verbose debug log in IDS4, you will likely find a clue in the log.

– Rosdi Kasim
Nov 25 '18 at 9:42













Please see update for the logs and code snippet

– Amitesh
Nov 25 '18 at 20:19







Please see update for the logs and code snippet

– Amitesh
Nov 25 '18 at 20:19















If I remove DelayLoadMetadata = true, I get the following error System.TypeLoadException: 'Could not load type 'Microsoft.Owin.Security.Jwt.IIssuerSecurityTokenProvider' from assembly 'Microsoft.Owin.Security.Jwt, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35'.'

– Amitesh
Nov 25 '18 at 22:27





If I remove DelayLoadMetadata = true, I get the following error System.TypeLoadException: 'Could not load type 'Microsoft.Owin.Security.Jwt.IIssuerSecurityTokenProvider' from assembly 'Microsoft.Owin.Security.Jwt, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35'.'

– Amitesh
Nov 25 '18 at 22:27












1 Answer
1






active

oldest

votes


















0














OK Finally I managed to solve it after 3 days of headache.



connect/accesstokenvalidation was because of old version of IdentityServer3.AccessTokenValidation. I updated this to version 2.15.1 and also downgarded
System.IdentityModel.Tokens.Jwt to 4.0.2.206221351



I also added scopes to ApiResource as below. However this might not be required. I have not tested without it yet.



    public static IEnumerable<ApiResource> GetApiResources()
{
return new List<ApiResource>
{
new ApiResource("my_api", "SmartBiz Api")
{
ApiSecrets = { new Secret("secret".Sha256()) },
Scopes =
{
new Scope("the_api")
}
}
};
}


Thanks for your help Rosdi Kasim






share|improve this answer

























    Your Answer






    StackExchange.ifUsing("editor", function () {
    StackExchange.using("externalEditor", function () {
    StackExchange.using("snippets", function () {
    StackExchange.snippets.init();
    });
    });
    }, "code-snippets");

    StackExchange.ready(function() {
    var channelOptions = {
    tags: "".split(" "),
    id: "1"
    };
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function() {
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled) {
    StackExchange.using("snippets", function() {
    createEditor();
    });
    }
    else {
    createEditor();
    }
    });

    function createEditor() {
    StackExchange.prepareEditor({
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: true,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: 10,
    bindNavPrevention: true,
    postfix: "",
    imageUploader: {
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    },
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    });


    }
    });














    draft saved

    draft discarded


















    StackExchange.ready(
    function () {
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53465470%2fuse-identityserver3-accesstokenvalidation-in-asp-net-web-api-to-talk-to-ids4%23new-answer', 'question_page');
    }
    );

    Post as a guest















    Required, but never shown

























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    0














    OK Finally I managed to solve it after 3 days of headache.



    connect/accesstokenvalidation was because of old version of IdentityServer3.AccessTokenValidation. I updated this to version 2.15.1 and also downgarded
    System.IdentityModel.Tokens.Jwt to 4.0.2.206221351



    I also added scopes to ApiResource as below. However this might not be required. I have not tested without it yet.



        public static IEnumerable<ApiResource> GetApiResources()
    {
    return new List<ApiResource>
    {
    new ApiResource("my_api", "SmartBiz Api")
    {
    ApiSecrets = { new Secret("secret".Sha256()) },
    Scopes =
    {
    new Scope("the_api")
    }
    }
    };
    }


    Thanks for your help Rosdi Kasim






    share|improve this answer






























      0














      OK Finally I managed to solve it after 3 days of headache.



      connect/accesstokenvalidation was because of old version of IdentityServer3.AccessTokenValidation. I updated this to version 2.15.1 and also downgarded
      System.IdentityModel.Tokens.Jwt to 4.0.2.206221351



      I also added scopes to ApiResource as below. However this might not be required. I have not tested without it yet.



          public static IEnumerable<ApiResource> GetApiResources()
      {
      return new List<ApiResource>
      {
      new ApiResource("my_api", "SmartBiz Api")
      {
      ApiSecrets = { new Secret("secret".Sha256()) },
      Scopes =
      {
      new Scope("the_api")
      }
      }
      };
      }


      Thanks for your help Rosdi Kasim






      share|improve this answer




























        0












        0








        0







        OK Finally I managed to solve it after 3 days of headache.



        connect/accesstokenvalidation was because of old version of IdentityServer3.AccessTokenValidation. I updated this to version 2.15.1 and also downgarded
        System.IdentityModel.Tokens.Jwt to 4.0.2.206221351



        I also added scopes to ApiResource as below. However this might not be required. I have not tested without it yet.



            public static IEnumerable<ApiResource> GetApiResources()
        {
        return new List<ApiResource>
        {
        new ApiResource("my_api", "SmartBiz Api")
        {
        ApiSecrets = { new Secret("secret".Sha256()) },
        Scopes =
        {
        new Scope("the_api")
        }
        }
        };
        }


        Thanks for your help Rosdi Kasim






        share|improve this answer















        OK Finally I managed to solve it after 3 days of headache.



        connect/accesstokenvalidation was because of old version of IdentityServer3.AccessTokenValidation. I updated this to version 2.15.1 and also downgarded
        System.IdentityModel.Tokens.Jwt to 4.0.2.206221351



        I also added scopes to ApiResource as below. However this might not be required. I have not tested without it yet.



            public static IEnumerable<ApiResource> GetApiResources()
        {
        return new List<ApiResource>
        {
        new ApiResource("my_api", "SmartBiz Api")
        {
        ApiSecrets = { new Secret("secret".Sha256()) },
        Scopes =
        {
        new Scope("the_api")
        }
        }
        };
        }


        Thanks for your help Rosdi Kasim







        share|improve this answer














        share|improve this answer



        share|improve this answer








        edited Nov 26 '18 at 17:42

























        answered Nov 26 '18 at 5:40









        AmiteshAmitesh

        2371320




        2371320
































            draft saved

            draft discarded




















































            Thanks for contributing an answer to Stack Overflow!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53465470%2fuse-identityserver3-accesstokenvalidation-in-asp-net-web-api-to-talk-to-ids4%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            Popular posts from this blog

            404 Error Contact Form 7 ajax form submitting

            How to know if a Active Directory user can login interactively

            Refactoring coordinates for Minecraft Pi buildings written in Python