I am using ASP.NET 5, In my solution I have Web API, Identity Server and Angular 2 project and I am authenticating Angular 2 client by using Identity Server, Angular 2 client consumes web api by pa...

We have an ASP.NET MVC application that is authenticating without issue against IdentityServer3, however the web API part of the application using ApiController's start to fail if the user waits be...

I'm trying to validate access tokens against at_hash. Token header is like this { "typ": "JWT", "alg": "RS256", "x5t": "MclQ7Vmu-1e5_rvdSfBShLe82eY", "kid": "MclQ7Vmu-1e5_rvdSfBShLe82eY" } Ho...

I didn't get exactly how NSwag interact with IdentityServerX bearer tokens and adds it request header conventionally? My host api application implements IdentityServer3 with LDAP auth, so as far as...

I'm currently working on site that uses various Ajax-requests to save, load and autocomplete data. It is build using C#, MVC and JQuery. All actions on the MVC controllers require the users to be a...

I have my own identity authority set up using the Identity Server. I'm running a native windows application and currently I'm using IdentityModel's OidcClient library to connect on the authority a...

I've got IdentityServer3 running as a standalone identity server. I have a separate MVC client that uses Cookies and OpenIdConnect for authentication. I'm trying to set up claims transformations a...

I'm writing an ASP.Net Core Web Application and using UseOpenIdConnectAuthentication to connect it to IdentityServer3. Emulating their ASP.Net MVC 5 sample I'm trying to transform the claims receiv...

I am confused and a bit lost about using ASP.NET Core Identity with a React SPA. I have read Microsoft documentation about ASP.NET Core Identity several times, mostly focusing on the Identity with...

I have an application using the OWIN middleware for OpenIdConnect. The startup.cs file uses the standard implementation of app.UseOpenIdConnectAuthentication. The cookie is set to the browser, but ...

I have a very simple MVC5 website that I'm trying to secure with IdentityServer3. Both my website and my IdentityServer instance are hosted as separate sites in AppHarbor. Both are behind https. ...

I am getting the error 'The client application is not known or is not authorized.' when accessing a protected area of my site. Here's my Clients: public static class Clients { public static IEnu...

I have an odd issue that I am trying to track down. If I deploy my client and Identity Server to Azure, using a self signed certificate then the code works. I have now moved it to our UAT environ...

Trying to access discovery client for accessing other endpoints and following with, http://docs.identityserver.io/en/aspnetcore1/endpoints/discovery.html Installed IdentityModel nuget package in .N...

Recently I've implemented 2FA for my WebAPI using IdentityServer3. Everything works as expected if the login is made locally (using the IUserService). Now, I want to be able to do this login by iss...

I'm trying to setup SSO using OWin and Thinktecture Identity Server but I am not having any luck getting the SSL certificate to work. At least I think that's the problem. All works fine when I'm in...

I have a web api / mvc hybrid app and I have configured it to use cookie authentication. This works fine for the mvc portion of the application. The web api does enforce the authorization, but inst...

We are using identity server to generate access token for our web services. We have added swagger also. But the problem we faced is, to generate an access token by using a code snippet for API auto...

My configuration has 3 sites: Identity Server (Idp), Windows Authentication host and my end-user client site. On the client site, I request a controller decorated with [Authorize] and Identity Serv...

I’ve a requirement to add custom members in the token response of the Identity Server Token Endpoint. Sample expected response: { "access_token": "XXXXXXXXXXXXXXX", "token_...

I'm trying to set up Thinktecture's Identity Server 3, but I can't seem to get it to return a refresh token when exchanging an authorization code (or when using the ResourceOwner flow, but I'm goin...

I was working around IdentityServer 4 (1.0.0-beta5). By default, the endpoint for authentication is: '/connect/token'. How can I change the default endpoints in IdentityServer, for instance to: ...

I'm trying to use IdentityServer3, but don't know why I'm getting "invalid_client" error always, always no matter what I do. This is the code I'm using: //Startup.cs (Auth c# project) public void...

I have read Dominik's blog post on authentication vs permission modeling using Identity Server (https://leastprivilege.com/2016/12/16/identity-vs-permissions/). Since I am mostly using role based a...

I can't find any example for this kinda solution. Is it doable ? In my knowledge, it should be, but I haven't seen anyone doing this. Any downside for this way ? Thanks !