Use IdentityServer3.AccessTokenValidation in ASP.Net web api to talk to IDS4
We have setup Identity server 4 with .Net Core 2.1. We have ASP.Net Web API on .Net 4.6. This cannot be migrated to Core. I have installed IdentityServer3.AccessTokenValidation in this API project together with OWN and other neeeded packages. I can use a client and get the access token from the IdentityServer. When the client uses that token with the API, I get 401. I have searched the web for solutions but cannot find anything that I can use to make this work.
I tried this - https://github.com/IdentityServer/IdentityServer3.AccessTokenValidation/issues/164
but did not work. I cannot find any samples.
So my question is is it not possible to use IdentityServer3.AccessTokenValidation to talk to IDS4?
Do I need to setup IDS3 instead?
UPDATE
I turned on verbose logging and got the following
Microsoft.AspNetCore.Hosting.Internal.WebHost:Information: Request starting HTTP/1.1 POST http://localhost:44333/connect/introspect application/x-www-form-urlencoded 70
IdentityServer4.Hosting.IdentityServerMiddleware:Information: Invoking IdentityServer endpoint: IdentityServer4.Endpoints.IntrospectionEndpoint for /connect/introspect
IdentityServer4.Validation.ApiSecretValidator:Error: API validation failed.
IdentityServer4.Endpoints.IntrospectionEndpoint:Error: API unauthorized to call introspection endpoint. aborting.
Microsoft.AspNetCore.Hosting.Internal.WebHost:Information: Request finished in 26.5186ms 401
Microsoft.AspNetCore.Server.Kestrel:Information: Connection id "0HLIJ2C0UKBLN", Request id "0HLIJ2C0UKBLN:00000008": the application completed without reading the entire request body.
Below is my API code in Configuration method
var config = new HttpConfiguration();
config.MapHttpAttributeRoutes();
app.UseIdentityServerBearerTokenAuthentication(new IdentityServerBearerTokenAuthenticationOptions
{
Authority = "https://localhost:44333",
RequiredScopes = new { "api" },
ClientId = "api",
ClientSecret = "secret",
//DelayLoadMetadata = true
});
app.UseWebApi(config);
Code on IDS4 side for the ApiResource.
public static IEnumerable<ApiResource> GetApiResources()
{
return new List<ApiResource>
{
new ApiResource("api", "MyApi") { ApiSecrets = { new Secret("secret".Sha256()) } }
};
}
UPDATE 2
Yes I have enabled Trace. After bit more of playing around with the code and reinstalling the packages, I now get a different error.Request is made to /connect/accesstokenvalidation. This endpoint is not available in IDS4
Microsoft.AspNetCore.Hosting.Internal.WebHost:Information: Request starting HTTP/1.1 POST http://localhost:44333/connect/accesstokenvalidation application/x-www-form-urlencoded 70
Microsoft.AspNetCore.Hosting.Internal.WebHost:Information: Request finished in 3.405ms 404
Microsoft.AspNetCore.Server.Kestrel:Information: Connection id "0HLIJ9RBG591K", Request id "0HLIJ9RBG591K:0000000A": the application completed without reading the entire request body.
asp.net-core asp.net-web-api2 identityserver4 identityserver3
asked Nov 25 '18 at 7:21
AmiteshAmitesh
2371320
|
show 3 more comments
We have setup Identity server 4 with .Net Core 2.1. We have ASP.Net Web API on .Net 4.6. This cannot be migrated to Core. I have installed IdentityServer3.AccessTokenValidation in this API project together with OWN and other neeeded packages. I can use a client and get the access token from the IdentityServer. When the client uses that token with the API, I get 401. I have searched the web for solutions but cannot find anything that I can use to make this work.
I tried this - https://github.com/IdentityServer/IdentityServer3.AccessTokenValidation/issues/164
but did not work. I cannot find any samples.
So my question is is it not possible to use IdentityServer3.AccessTokenValidation to talk to IDS4?
Do I need to setup IDS3 instead?
UPDATE
I turned on verbose logging and got the following
Microsoft.AspNetCore.Hosting.Internal.WebHost:Information: Request starting HTTP/1.1 POST http://localhost:44333/connect/introspect application/x-www-form-urlencoded 70
IdentityServer4.Hosting.IdentityServerMiddleware:Information: Invoking IdentityServer endpoint: IdentityServer4.Endpoints.IntrospectionEndpoint for /connect/introspect
IdentityServer4.Validation.ApiSecretValidator:Error: API validation failed.
IdentityServer4.Endpoints.IntrospectionEndpoint:Error: API unauthorized to call introspection endpoint. aborting.
Microsoft.AspNetCore.Hosting.Internal.WebHost:Information: Request finished in 26.5186ms 401
Microsoft.AspNetCore.Server.Kestrel:Information: Connection id "0HLIJ2C0UKBLN", Request id "0HLIJ2C0UKBLN:00000008": the application completed without reading the entire request body.
Below is my API code in Configuration method
var config = new HttpConfiguration();
config.MapHttpAttributeRoutes();
app.UseIdentityServerBearerTokenAuthentication(new IdentityServerBearerTokenAuthenticationOptions
{
Authority = "https://localhost:44333",
RequiredScopes = new { "api" },
ClientId = "api",
ClientSecret = "secret",
//DelayLoadMetadata = true
});
app.UseWebApi(config);
Code on IDS4 side for the ApiResource.
public static IEnumerable<ApiResource> GetApiResources()
{
return new List<ApiResource>
{
new ApiResource("api", "MyApi") { ApiSecrets = { new Secret("secret".Sha256()) } }
};
}
UPDATE 2
Yes I have enabled Trace. After bit more of playing around with the code and reinstalling the packages, I now get a different error.Request is made to /connect/accesstokenvalidation. This endpoint is not available in IDS4
Microsoft.AspNetCore.Hosting.Internal.WebHost:Information: Request starting HTTP/1.1 POST http://localhost:44333/connect/accesstokenvalidation application/x-www-form-urlencoded 70
Microsoft.AspNetCore.Hosting.Internal.WebHost:Information: Request finished in 3.405ms 404
Microsoft.AspNetCore.Server.Kestrel:Information: Connection id "0HLIJ9RBG591K", Request id "0HLIJ9RBG591K:0000000A": the application completed without reading the entire request body.
asp.net-core asp.net-web-api2 identityserver4 identityserver3
asked Nov 25 '18 at 7:21
AmiteshAmitesh
2371320
There is no reason why it won't work. IDS3 or 4 both using the same protocol. You must have something configured wrong. To debug, create a console client app and use that to access IDS4.
– Rosdi Kasim
Nov 25 '18 at 7:25
Have you got any samples? I am able to get the access code from IDS4 using a client. However, when the client talks to the API using the token, it does not work. I did try to create ASP.Net Web API Core which worked with IdentityServer4.AccessTokenValidation. However in my case I cannot have ASP.NET Core for the API prject
– Amitesh
Nov 25 '18 at 8:10
Normally what I do, I would turn on verbose debug log in IDS4, you will likely find a clue in the log.
– Rosdi Kasim
Nov 25 '18 at 9:42
Please see update for the logs and code snippet
– Amitesh
Nov 25 '18 at 20:19
If I remove DelayLoadMetadata = true, I get the following error System.TypeLoadException: 'Could not load type 'Microsoft.Owin.Security.Jwt.IIssuerSecurityTokenProvider' from assembly 'Microsoft.Owin.Security.Jwt, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35'.'
– Amitesh
Nov 25 '18 at 22:27
|
show 3 more comments
We have setup Identity server 4 with .Net Core 2.1. We have ASP.Net Web API on .Net 4.6. This cannot be migrated to Core. I have installed IdentityServer3.AccessTokenValidation in this API project together with OWN and other neeeded packages. I can use a client and get the access token from the IdentityServer. When the client uses that token with the API, I get 401. I have searched the web for solutions but cannot find anything that I can use to make this work.
I tried this - https://github.com/IdentityServer/IdentityServer3.AccessTokenValidation/issues/164
but did not work. I cannot find any samples.
So my question is is it not possible to use IdentityServer3.AccessTokenValidation to talk to IDS4?
Do I need to setup IDS3 instead?
UPDATE
I turned on verbose logging and got the following
Microsoft.AspNetCore.Hosting.Internal.WebHost:Information: Request starting HTTP/1.1 POST http://localhost:44333/connect/introspect application/x-www-form-urlencoded 70
IdentityServer4.Hosting.IdentityServerMiddleware:Information: Invoking IdentityServer endpoint: IdentityServer4.Endpoints.IntrospectionEndpoint for /connect/introspect
IdentityServer4.Validation.ApiSecretValidator:Error: API validation failed.
IdentityServer4.Endpoints.IntrospectionEndpoint:Error: API unauthorized to call introspection endpoint. aborting.
Microsoft.AspNetCore.Hosting.Internal.WebHost:Information: Request finished in 26.5186ms 401
Microsoft.AspNetCore.Server.Kestrel:Information: Connection id "0HLIJ2C0UKBLN", Request id "0HLIJ2C0UKBLN:00000008": the application completed without reading the entire request body.
Below is my API code in Configuration method
var config = new HttpConfiguration();
config.MapHttpAttributeRoutes();
app.UseIdentityServerBearerTokenAuthentication(new IdentityServerBearerTokenAuthenticationOptions
{
Authority = "https://localhost:44333",
RequiredScopes = new { "api" },
ClientId = "api",
ClientSecret = "secret",
//DelayLoadMetadata = true
});
app.UseWebApi(config);
Code on IDS4 side for the ApiResource.
public static IEnumerable<ApiResource> GetApiResources()
{
return new List<ApiResource>
{
new ApiResource("api", "MyApi") { ApiSecrets = { new Secret("secret".Sha256()) } }
};
}
UPDATE 2
Yes I have enabled Trace. After bit more of playing around with the code and reinstalling the packages, I now get a different error.Request is made to /connect/accesstokenvalidation. This endpoint is not available in IDS4
Microsoft.AspNetCore.Hosting.Internal.WebHost:Information: Request starting HTTP/1.1 POST http://localhost:44333/connect/accesstokenvalidation application/x-www-form-urlencoded 70
Microsoft.AspNetCore.Hosting.Internal.WebHost:Information: Request finished in 3.405ms 404
Microsoft.AspNetCore.Server.Kestrel:Information: Connection id "0HLIJ9RBG591K", Request id "0HLIJ9RBG591K:0000000A": the application completed without reading the entire request body.
asp.net-core asp.net-web-api2 identityserver4 identityserver3
asked Nov 25 '18 at 7:21
AmiteshAmitesh
2371320
We have setup Identity server 4 with .Net Core 2.1. We have ASP.Net Web API on .Net 4.6. This cannot be migrated to Core. I have installed IdentityServer3.AccessTokenValidation in this API project together with OWN and other neeeded packages. I can use a client and get the access token from the IdentityServer. When the client uses that token with the API, I get 401. I have searched the web for solutions but cannot find anything that I can use to make this work.
I tried this - https://github.com/IdentityServer/IdentityServer3.AccessTokenValidation/issues/164
but did not work. I cannot find any samples.
So my question is is it not possible to use IdentityServer3.AccessTokenValidation to talk to IDS4?
Do I need to setup IDS3 instead?
UPDATE
I turned on verbose logging and got the following
Microsoft.AspNetCore.Hosting.Internal.WebHost:Information: Request starting HTTP/1.1 POST http://localhost:44333/connect/introspect application/x-www-form-urlencoded 70
IdentityServer4.Hosting.IdentityServerMiddleware:Information: Invoking IdentityServer endpoint: IdentityServer4.Endpoints.IntrospectionEndpoint for /connect/introspect
IdentityServer4.Validation.ApiSecretValidator:Error: API validation failed.
IdentityServer4.Endpoints.IntrospectionEndpoint:Error: API unauthorized to call introspection endpoint. aborting.
Microsoft.AspNetCore.Hosting.Internal.WebHost:Information: Request finished in 26.5186ms 401
Microsoft.AspNetCore.Server.Kestrel:Information: Connection id "0HLIJ2C0UKBLN", Request id "0HLIJ2C0UKBLN:00000008": the application completed without reading the entire request body.
Below is my API code in Configuration method
var config = new HttpConfiguration();
config.MapHttpAttributeRoutes();
app.UseIdentityServerBearerTokenAuthentication(new IdentityServerBearerTokenAuthenticationOptions
{
Authority = "https://localhost:44333",
RequiredScopes = new { "api" },
ClientId = "api",
ClientSecret = "secret",
//DelayLoadMetadata = true
});
app.UseWebApi(config);
Code on IDS4 side for the ApiResource.
public static IEnumerable<ApiResource> GetApiResources()
{
return new List<ApiResource>
{
new ApiResource("api", "MyApi") { ApiSecrets = { new Secret("secret".Sha256()) } }
};
}
UPDATE 2
Yes I have enabled Trace. After bit more of playing around with the code and reinstalling the packages, I now get a different error.Request is made to /connect/accesstokenvalidation. This endpoint is not available in IDS4
Microsoft.AspNetCore.Hosting.Internal.WebHost:Information: Request starting HTTP/1.1 POST http://localhost:44333/connect/accesstokenvalidation application/x-www-form-urlencoded 70
Microsoft.AspNetCore.Hosting.Internal.WebHost:Information: Request finished in 3.405ms 404
Microsoft.AspNetCore.Server.Kestrel:Information: Connection id "0HLIJ9RBG591K", Request id "0HLIJ9RBG591K:0000000A": the application completed without reading the entire request body.
asp.net-core asp.net-web-api2 identityserver4 identityserver3
asp.net-core asp.net-web-api2 identityserver4 identityserver3
asked Nov 25 '18 at 7:21
AmiteshAmitesh
2371320
asked Nov 25 '18 at 7:21
AmiteshAmitesh
2371320
edited Nov 26 '18 at 4:36
Amitesh
asked Nov 25 '18 at 7:21
AmiteshAmitesh
2371320
asked Nov 25 '18 at 7:21
AmiteshAmitesh
2371320
asked Nov 25 '18 at 7:21
AmiteshAmitesh
2371320
2371320
There is no reason why it won't work. IDS3 or 4 both using the same protocol. You must have something configured wrong. To debug, create a console client app and use that to access IDS4.
– Rosdi Kasim
Nov 25 '18 at 7:25
Have you got any samples? I am able to get the access code from IDS4 using a client. However, when the client talks to the API using the token, it does not work. I did try to create ASP.Net Web API Core which worked with IdentityServer4.AccessTokenValidation. However in my case I cannot have ASP.NET Core for the API prject
– Amitesh
Nov 25 '18 at 8:10
Normally what I do, I would turn on verbose debug log in IDS4, you will likely find a clue in the log.
– Rosdi Kasim
Nov 25 '18 at 9:42
Please see update for the logs and code snippet
– Amitesh
Nov 25 '18 at 20:19
If I remove DelayLoadMetadata = true, I get the following error System.TypeLoadException: 'Could not load type 'Microsoft.Owin.Security.Jwt.IIssuerSecurityTokenProvider' from assembly 'Microsoft.Owin.Security.Jwt, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35'.'
– Amitesh
Nov 25 '18 at 22:27
|
show 3 more comments
There is no reason why it won't work. IDS3 or 4 both using the same protocol. You must have something configured wrong. To debug, create a console client app and use that to access IDS4.
– Rosdi Kasim
Nov 25 '18 at 7:25
Have you got any samples? I am able to get the access code from IDS4 using a client. However, when the client talks to the API using the token, it does not work. I did try to create ASP.Net Web API Core which worked with IdentityServer4.AccessTokenValidation. However in my case I cannot have ASP.NET Core for the API prject
– Amitesh
Nov 25 '18 at 8:10
Normally what I do, I would turn on verbose debug log in IDS4, you will likely find a clue in the log.
– Rosdi Kasim
Nov 25 '18 at 9:42
Please see update for the logs and code snippet
– Amitesh
Nov 25 '18 at 20:19
If I remove DelayLoadMetadata = true, I get the following error System.TypeLoadException: 'Could not load type 'Microsoft.Owin.Security.Jwt.IIssuerSecurityTokenProvider' from assembly 'Microsoft.Owin.Security.Jwt, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35'.'
– Amitesh
Nov 25 '18 at 22:27
There is no reason why it won't work. IDS3 or 4 both using the same protocol. You must have something configured wrong. To debug, create a console client app and use that to access IDS4.
– Rosdi Kasim
Nov 25 '18 at 7:25
There is no reason why it won't work. IDS3 or 4 both using the same protocol. You must have something configured wrong. To debug, create a console client app and use that to access IDS4.
– Rosdi Kasim
Nov 25 '18 at 7:25
Have you got any samples? I am able to get the access code from IDS4 using a client. However, when the client talks to the API using the token, it does not work. I did try to create ASP.Net Web API Core which worked with IdentityServer4.AccessTokenValidation. However in my case I cannot have ASP.NET Core for the API prject
– Amitesh
Nov 25 '18 at 8:10
Have you got any samples? I am able to get the access code from IDS4 using a client. However, when the client talks to the API using the token, it does not work. I did try to create ASP.Net Web API Core which worked with IdentityServer4.AccessTokenValidation. However in my case I cannot have ASP.NET Core for the API prject
– Amitesh
Nov 25 '18 at 8:10
Normally what I do, I would turn on verbose debug log in IDS4, you will likely find a clue in the log.
– Rosdi Kasim
Nov 25 '18 at 9:42
Normally what I do, I would turn on verbose debug log in IDS4, you will likely find a clue in the log.
– Rosdi Kasim
Nov 25 '18 at 9:42
Please see update for the logs and code snippet
– Amitesh
Nov 25 '18 at 20:19
Please see update for the logs and code snippet
– Amitesh
Nov 25 '18 at 20:19
If I remove DelayLoadMetadata = true, I get the following error System.TypeLoadException: 'Could not load type 'Microsoft.Owin.Security.Jwt.IIssuerSecurityTokenProvider' from assembly 'Microsoft.Owin.Security.Jwt, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35'.'
– Amitesh
Nov 25 '18 at 22:27
If I remove DelayLoadMetadata = true, I get the following error System.TypeLoadException: 'Could not load type 'Microsoft.Owin.Security.Jwt.IIssuerSecurityTokenProvider' from assembly 'Microsoft.Owin.Security.Jwt, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35'.'
– Amitesh
Nov 25 '18 at 22:27
|
show 3 more comments
1 Answer
1
active
oldest
votes
OK Finally I managed to solve it after 3 days of headache.
connect/accesstokenvalidation was because of old version of IdentityServer3.AccessTokenValidation. I updated this to version 2.15.1 and also downgarded
System.IdentityModel.Tokens.Jwt to 4.0.2.206221351
I also added scopes to ApiResource as below. However this might not be required. I have not tested without it yet.
public static IEnumerable<ApiResource> GetApiResources()
{
return new List<ApiResource>
{
new ApiResource("my_api", "SmartBiz Api")
{
ApiSecrets = { new Secret("secret".Sha256()) },
Scopes =
{
new Scope("the_api")
}
}
};
}
Thanks for your help Rosdi Kasim
answered Nov 26 '18 at 5:40
AmiteshAmitesh
2371320
add a comment |
Your Answer
StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53465470%2fuse-identityserver3-accesstokenvalidation-in-asp-net-web-api-to-talk-to-ids4%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
OK Finally I managed to solve it after 3 days of headache.
connect/accesstokenvalidation was because of old version of IdentityServer3.AccessTokenValidation. I updated this to version 2.15.1 and also downgarded
System.IdentityModel.Tokens.Jwt to 4.0.2.206221351
I also added scopes to ApiResource as below. However this might not be required. I have not tested without it yet.
public static IEnumerable<ApiResource> GetApiResources()
{
return new List<ApiResource>
{
new ApiResource("my_api", "SmartBiz Api")
{
ApiSecrets = { new Secret("secret".Sha256()) },
Scopes =
{
new Scope("the_api")
}
}
};
}
Thanks for your help Rosdi Kasim
answered Nov 26 '18 at 5:40
AmiteshAmitesh
2371320
add a comment |
OK Finally I managed to solve it after 3 days of headache.
connect/accesstokenvalidation was because of old version of IdentityServer3.AccessTokenValidation. I updated this to version 2.15.1 and also downgarded
System.IdentityModel.Tokens.Jwt to 4.0.2.206221351
I also added scopes to ApiResource as below. However this might not be required. I have not tested without it yet.
public static IEnumerable<ApiResource> GetApiResources()
{
return new List<ApiResource>
{
new ApiResource("my_api", "SmartBiz Api")
{
ApiSecrets = { new Secret("secret".Sha256()) },
Scopes =
{
new Scope("the_api")
}
}
};
}
Thanks for your help Rosdi Kasim
answered Nov 26 '18 at 5:40
AmiteshAmitesh
2371320
add a comment |
OK Finally I managed to solve it after 3 days of headache.
connect/accesstokenvalidation was because of old version of IdentityServer3.AccessTokenValidation. I updated this to version 2.15.1 and also downgarded
System.IdentityModel.Tokens.Jwt to 4.0.2.206221351
I also added scopes to ApiResource as below. However this might not be required. I have not tested without it yet.
public static IEnumerable<ApiResource> GetApiResources()
{
return new List<ApiResource>
{
new ApiResource("my_api", "SmartBiz Api")
{
ApiSecrets = { new Secret("secret".Sha256()) },
Scopes =
{
new Scope("the_api")
}
}
};
}
Thanks for your help Rosdi Kasim
answered Nov 26 '18 at 5:40
AmiteshAmitesh
2371320
OK Finally I managed to solve it after 3 days of headache.
connect/accesstokenvalidation was because of old version of IdentityServer3.AccessTokenValidation. I updated this to version 2.15.1 and also downgarded
System.IdentityModel.Tokens.Jwt to 4.0.2.206221351
I also added scopes to ApiResource as below. However this might not be required. I have not tested without it yet.
public static IEnumerable<ApiResource> GetApiResources()
{
return new List<ApiResource>
{
new ApiResource("my_api", "SmartBiz Api")
{
ApiSecrets = { new Secret("secret".Sha256()) },
Scopes =
{
new Scope("the_api")
}
}
};
}
Thanks for your help Rosdi Kasim
answered Nov 26 '18 at 5:40
AmiteshAmitesh
2371320
edited Nov 26 '18 at 17:42
answered Nov 26 '18 at 5:40
AmiteshAmitesh
2371320
answered Nov 26 '18 at 5:40
AmiteshAmitesh
2371320
answered Nov 26 '18 at 5:40
AmiteshAmitesh
2371320
2371320
add a comment |
add a comment |
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53465470%2fuse-identityserver3-accesstokenvalidation-in-asp-net-web-api-to-talk-to-ids4%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
There is no reason why it won't work. IDS3 or 4 both using the same protocol. You must have something configured wrong. To debug, create a console client app and use that to access IDS4.
– Rosdi Kasim
Nov 25 '18 at 7:25
Have you got any samples? I am able to get the access code from IDS4 using a client. However, when the client talks to the API using the token, it does not work. I did try to create ASP.Net Web API Core which worked with IdentityServer4.AccessTokenValidation. However in my case I cannot have ASP.NET Core for the API prject
– Amitesh
Nov 25 '18 at 8:10
Normally what I do, I would turn on verbose debug log in IDS4, you will likely find a clue in the log.
– Rosdi Kasim
Nov 25 '18 at 9:42
Please see update for the logs and code snippet
– Amitesh
Nov 25 '18 at 20:19
If I remove DelayLoadMetadata = true, I get the following error System.TypeLoadException: 'Could not load type 'Microsoft.Owin.Security.Jwt.IIssuerSecurityTokenProvider' from assembly 'Microsoft.Owin.Security.Jwt, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35'.'
– Amitesh
Nov 25 '18 at 22:27