All Questions
Tagged with identityserver4 oauth
149
questions
0
votes
1
answer
307
views
NextJS + NextAuth + IdentityServer4. Not calling /connect/token endpoint
I really don't get what I am doing wrong. Maybe I'm not understanding how it really works..
With NextAuth I'm trying authorize the application with an IdentityServer in Net Core.
I successfully show ...
0
votes
0
answers
29
views
How to deal with authentication issue combining the Reactapp and Identity Server4
My OAuth Server implemented using Identity Server4; The issue is I can able to access the Client-2 app after authenticated Client-1 app
alone.
I have two react apps and server apps (Reactapp-1, ...
0
votes
1
answer
56
views
Bandwidth for C# IdentityServer4
I've inherited a legacy application that utilizes a C# implementation of IdentityServer4 to handle its OAuth work.
Recently we've started to see a lot of degradation in performance, with no changes ...
0
votes
1
answer
74
views
Why does GetUserInfoAsync() complain on "Bearer token not found"?
Here's my code :
var client = new HttpClient();
var firstResponse = await client.RequestPasswordTokenAsync(new PasswordTokenRequest
{
Address = disco.TokenEndpoint,
...
0
votes
1
answer
40
views
add custom claims to external oAuth provder
Currently we are using an external oAuth provider for authentication and its a SSO so the user can login to our posrtal and other posrtal within the organization with same token. The problem is our ...
2
votes
2
answers
4k
views
When someone requests a new Refresh Token, should I update the new Refresh Token's expiry date?
When the client requests a new Refresh Token, should the Api update the new Refresh Token's expiry date or should I only send back a new Access Token and Refresh token, without updating the expiry ...
0
votes
1
answer
525
views
Identity Server - unsupported_grant_type
I have the following client:
new Client
{
ClientId = "clientOne",
AccessTokenType = AccessTokenType.Jwt,
IncludeJwtId = true,
...
0
votes
1
answer
949
views
angular-oauth2-oidc - Not passing 'State' and 'Scope'
There is a requirement from the identity server of not to pass 'state' and 'scope' in the URL.
The request is in following format
URL?app=xxx&response_type=code&client_id=yyy&state=zzz&...
0
votes
1
answer
524
views
OAuth 2.0, how to properly handle browser back button that navigates to an exchange endpoint?
I am implementing OAuth 2.0 protocol within my MVC application. Everything seem to working as expected except for one thing.
How do I handle a scenario with a browser back button when user is been ...
1
vote
0
answers
157
views
Authenticate users in my django app using an existing ASP.Net IdentityServer login app
I'm trying to authenticate users in my django app using an existing ASP.Net IdentityServer login app. I've seen the documentation has an example for an angular or react(Javascript based app) but not ...
0
votes
2
answers
727
views
Re-authentication using Identity Server 4
We have 2 MVC applications as clients and an Identity Server 4.
We have setup cookie middleware and openIdconnect using owin.
Client 1 has a cookie lifetime of 40 minutes.
Client 2 has a cookie ...
0
votes
1
answer
136
views
IdentityServer4 and external oauth privider: The oauth state was missing or invalid
I'm trying to implement external oauth authentication within IdentityServer4.
All auth requests goes successfully. I have a message AuthenticationScheme: Identity.External signed in. in app log.
But ...
1
vote
1
answer
448
views
OpenIdConnect working with scopes to limit access to resources
I want to implement a solution where having 2 apis which take data from one another restrict access to the exposed endpoints by scopes.
Let's say that api1 exposes two scopes. read-only and write-only....
1
vote
1
answer
470
views
Identityserver and client secrets in a blazor server app
I have a Identityserver and a blazor server app running and I am using the code workflow to get my tokens. I have a secret for my blazor app but just found out, that I can get my token aswell when I ...
0
votes
1
answer
192
views
Identityserver4 authorization across multiple applications (Grafana, .net API)
I have the following setup:
grafana with auth based on generic oauth (https://grafana.com/docs/grafana/latest/auth/generic-oauth/),
identityserver4,
.net core API.
I want to develop custom front-end ...