stackoom
  简体   繁体   中英

Why round trip to introspection point on each call?

 原文  2019-04-11 01:45:25       c#/ reactjs/ asp.net-core/ identityserver4

Question

I am seeing for each protected API call, a call to the introspection endpoint of identity server. Can I stop this from happening?

We have a React application that uses implicit flow. When the application receives the access token it is then used to make calls to another Web API with the access token. What we noticed is the introspection endpoint is called on each call.

I thought JWT tokens do not need to be validated against the issuer each time a call is made.

I have the following app setup: 

services.AddAuthentication("Bearer")
                .AddIdentityServerAuthentication(options =>
                {
                    options.Authority = identityServiceUri;
                    options.ApiName = "SMAppServices";
                    options.RequireHttpsMetadata = false;
                });

1 answers

solution1
 0  2019-04-22 07:22:49

You have probably set the access token type to reference type. You can check this in the client configuration in the IdentityServer. There is a property called AccessTokenType in the Client class.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Why is a round-trip conversion via a string not safe for a double? asmx round trip json Reducing database round trip AngleSharp and XHTML round-trip Why don't DateTime.ToString(“R”) and DateTime.TryParseExact round trip? Produce a round-trip string for a decimal type An Entity with Key (PK) will not round-trip Round trip XML serializing with .Net DataContractSerializer fails How do I keep this scenario to 1 round trip? Execute multiple SQL commands in one round trip
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM