Skip to main content

All Questions

Ask Question
Tagged with
149 questions
Newest Active Bountied Unanswered
0 votes
1 answer
307 views

NextJS + NextAuth + IdentityServer4. Not calling /connect/token endpoint

I really don't get what I am doing wrong. Maybe I'm not understanding how it really works.. With NextAuth I'm trying authorize the application with an IdentityServer in Net Core. I successfully show ...
auron344's user avatar
auron344
  • 81
0 votes
0 answers
29 views

How to deal with authentication issue combining the Reactapp and Identity Server4

My OAuth Server implemented using Identity Server4; The issue is I can able to access the Client-2 app after authenticated Client-1 app alone. I have two react apps and server apps (Reactapp-1, ...
Meeran S's user avatar
Meeran S
  • 11
0 votes
1 answer
56 views

Bandwidth for C# IdentityServer4

I've inherited a legacy application that utilizes a C# implementation of IdentityServer4 to handle its OAuth work. Recently we've started to see a lot of degradation in performance, with no changes ...
TwelveGates's user avatar
TwelveGates
  • 11
0 votes
1 answer
74 views

Why does GetUserInfoAsync() complain on "Bearer token not found"?

Here's my code : var client = new HttpClient(); var firstResponse = await client.RequestPasswordTokenAsync(new PasswordTokenRequest { Address = disco.TokenEndpoint, ...
user216652's user avatar
user216652
  • 585
0 votes
1 answer
40 views

add custom claims to external oAuth provder

Currently we are using an external oAuth provider for authentication and its a SSO so the user can login to our posrtal and other posrtal within the organization with same token. The problem is our ...
Navin's user avatar
Navin
  • 724
2 votes
2 answers
4k views

When someone requests a new Refresh Token, should I update the new Refresh Token's expiry date?

When the client requests a new Refresh Token, should the Api update the new Refresh Token's expiry date or should I only send back a new Access Token and Refresh token, without updating the expiry ...
O S's user avatar
O S
  • 41
0 votes
1 answer
525 views

Identity Server - unsupported_grant_type

I have the following client: new Client { ClientId = "clientOne", AccessTokenType = AccessTokenType.Jwt, IncludeJwtId = true, ...
Code Ratchet's user avatar
Code Ratchet
  • 5,919
0 votes
1 answer
949 views

angular-oauth2-oidc - Not passing 'State' and 'Scope'

There is a requirement from the identity server of not to pass 'state' and 'scope' in the URL. The request is in following format URL?app=xxx&response_type=code&client_id=yyy&state=zzz&...
RagaSGNur's user avatar
RagaSGNur
  • 277
0 votes
1 answer
524 views

OAuth 2.0, how to properly handle browser back button that navigates to an exchange endpoint?

I am implementing OAuth 2.0 protocol within my MVC application. Everything seem to working as expected except for one thing. How do I handle a scenario with a browser back button when user is been ...
kkdeveloper7's user avatar
kkdeveloper7
  • 535
1 vote
0 answers
157 views

Authenticate users in my django app using an existing ASP.Net IdentityServer login app

I'm trying to authenticate users in my django app using an existing ASP.Net IdentityServer login app. I've seen the documentation has an example for an angular or react(Javascript based app) but not ...
High Roller's user avatar
High Roller
  • 67
0 votes
2 answers
727 views

Re-authentication using Identity Server 4

We have 2 MVC applications as clients and an Identity Server 4. We have setup cookie middleware and openIdconnect using owin. Client 1 has a cookie lifetime of 40 minutes. Client 2 has a cookie ...
Donpoulio's user avatar
Donpoulio
  • 11
0 votes
1 answer
136 views

IdentityServer4 and external oauth privider: The oauth state was missing or invalid

I'm trying to implement external oauth authentication within IdentityServer4. All auth requests goes successfully. I have a message AuthenticationScheme: Identity.External signed in. in app log. But ...
ip.Nightly's user avatar
ip.Nightly
  • 3
1 vote
1 answer
448 views

OpenIdConnect working with scopes to limit access to resources

I want to implement a solution where having 2 apis which take data from one another restrict access to the exposed endpoints by scopes. Let's say that api1 exposes two scopes. read-only and write-only....
user avatar
user18058946
1 vote
1 answer
470 views

Identityserver and client secrets in a blazor server app

I have a Identityserver and a blazor server app running and I am using the code workflow to get my tokens. I have a secret for my blazor app but just found out, that I can get my token aswell when I ...
modmoto's user avatar
modmoto
  • 3,180
0 votes
1 answer
192 views

Identityserver4 authorization across multiple applications (Grafana, .net API)

I have the following setup: grafana with auth based on generic oauth (https://grafana.com/docs/grafana/latest/auth/generic-oauth/), identityserver4, .net core API. I want to develop custom front-end ...
Szymon's user avatar
Szymon
  • 46

15 30 50 per page
1
2 3 4 5
10