How to Validate OpenID Connect Access Token generated by identityserver4 in ASP.NET WEB API
Question
How to Validate OpenID Connect Access Token generated by identityserver4 in ASP.NET WEB API.
The Scenario is
- I have one Angular Client Application which is getting one OpenID Connect Access Token after Login.
- Now That Client Application wants some information from one ASP.NET API. Client can call the API along with the Access Token.
But Question is, How should I validate that Token in my ASP.NET API???
I can easily do that in ASP.NET CORE API .
BUT I NEED Solution to do the same in ASP.NET API. (Not in core) Thanks in advance.
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddIdentityServerAuthentication(o =>
{
o.ApiName = "APINameRegisteredInIdentityServer";
o.ApiSecret = "SomeAPISecreteValue";
o.Authority = "MyAuthorityURL";
o.SaveToken = true;
o.SupportedTokens = IdentityServer4.AccessTokenValidation.SupportedTokens.Both;
});
1 answers
solution1
0 2018-06-13 14:12:27
You can use the IdentityServer3.AccessTokenValidation OWIN middleware package, even for Identity Server 4 tokens - https://github.com/IdentityServer/IdentityServer3.AccessTokenValidation .
There are samples here - https://github.com/IdentityServer/CrossVersionIntegrationTests
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.