517 questions
0
votes
1
answer
33
views
OpenIddict: Token endpoint 403 error when using external OAuth2 IdP
I'm trying to configure OpenIddict v5.8.0 to work with an external OAuth2 Identity Provider (IdP) using authorization code flow. I'm using the OpenIddict.Sandbox.AspNetCore.Server project as a ...
- 1
0
votes
0
answers
27
views
How do I change the OpenIddict client settings when a user tries to log in?
I am trying to implement an OpenIddict client that logs in with Entra, and I have got it working by setting up the client at Startup.cs, where I put in my client details (clientId, clientSecret, ...
- 1,451
0
votes
1
answer
28
views
How to report user is locked to OpenId client?
I have an OIDC Identity Server in ASP.NET, and there is a client (also in ASP.NET) connecting to it for authorization using the client credentials flow.
When a user tries to log in and enters the ...
- 494
0
votes
0
answers
19
views
How can I configure OpenIdDict for local token validation?
I use the library OpenIDDict (version 5.*) to work with the token. I have an authorization server that works with tokens. And there is also another regular service, now it works as a client. Sends a ...
-1
votes
1
answer
35
views
How to use an identifier other than "email" for users in Firebase Authentication + OIDC
I've set up Firebase Authentication for my app with an OIDC provider. In this OIDC provider, the email address isn't required to be unique. For instance, users from the same company could share their ...
- 336
0
votes
1
answer
30
views
How to write single claim value as an array?
I'm having a bit of a trouble with OpenIDDict in combination with Python Authlib.
The problem begins, when there's an amr claim with a single value, since the Python Authlib is applying the OIDC specs ...
- 6,218
0
votes
1
answer
59
views
How to insert tokens into cookies in OpenIdConnect
I am using OpenIddict to implement authentication and authorization in my IdentityServer and I need to insert access_token and refresh_token into cookies. I have a class that extends ...
- 1
0
votes
0
answers
37
views
Set up OpenIddict to accept both internal and external tokens
How to allows a service to both authenticate tokens it issues itself and authenticate tokens from another service on a different port?
I'm trying config like this but it not working, it only ...
- 1
0
votes
1
answer
22
views
OpenIddict password flow dont return claims
I am using OpenIddict Hollastin sample, but in client after authentication there are no added claims like Email, Name in Principal.
OpenIddictClientService.AuthenticateWithPasswordAsync
Claims exist ...
- 2,372
0
votes
0
answers
31
views
Show log in page in OpenIdDict with Degraded Mode
I am setting up a new ASP.Net Core application with OpenIdDict Degraded Mode as an OAuth2 server. I initialized the server with
builder.Services.AddOpenIddict()
.AddCore(opt => { })
....
- 1,171
0
votes
1
answer
37
views
I get the error "The specified token cannot be used with this resource server" when app is deployed, but not in local dev environment
Some quick context on the system I am developing before getting into the problem. I have an Single Sign On (SSO) system where the Identity Provider (IDP) has an API endpoint for user management. There ...
0
votes
0
answers
33
views
With OpenIddict options.UseOpenIddict() call in AddDbContext is necessary?
builder.Services.AddDbContext<DbContext>(options =>
{
options.UseSqlServer(builder.Configuration.GetConnectionString("DefaultConnection"));
options.UseOpenIddict();
});
I ...
- 73
0
votes
0
answers
38
views
How to encrypt user info in token - OpenIddict
I'm working with OpenIddict and implementing the AuthorizationCodeFlow. I want to encrypt the User Info Token, to return it as JWE (JSON Web Encryption) token to the service provider.
I'm unsure how ...
0
votes
1
answer
71
views
Why is my Blazor Web App throwing a SocketException when authenticating with OpenIddict when deployed to Azure App Service?
I have a Blazor Web App running with Interactive Server Render Mode, and an ID Provider built using OpenIddict. The Blazor App is configured to use the Microsoft OpenIdConnectHandler, essentially ...
1
vote
1
answer
71
views
Blazor OpenIDDict Invalid Issuer
I have an intermitten issue that will occasionally stop upsers from signing into my my site. When they log in they are met with the below error when they are redirected from the OpenIDDict server.
...
- 1,352
0
votes
0
answers
31
views
Persistent Tokens Issue with OpenIddict and MongoDB in .NET Application
I am working on a .NET application using OpenIddict for authentication and MongoDB for token storage. Despite configuring the application to use reference tokens and setting up data protection with ...
- 17
1
vote
2
answers
147
views
Is it possible to use multiple authentication schemes when authorising API requests?
I am currently developing a Single Sign On system, and with this Single Sign On system. I have developed an Admin Client app used for user management. There are API calls in the Identity Provider (IDP)...
0
votes
0
answers
165
views
OpenIddict - Add JWT Token in Cookie after SignIn
I have an application which is an authorization service (AuthService). There are other services (WebApi, front) that should use this service for authorization and authentication. I use Identity + ...
- 1
0
votes
0
answers
54
views
How to disable revoka when Logout event is trigged in ABP Framework?
Does everyone know the way to disable revoka api in ABP when logout event is fired, because i had a system to generate manually tokens for using and it's not saved into database as manual OpenIddict ...
0
votes
0
answers
108
views
Unable to retrieve access token for use in authorisation headers in request to API
I apologize in advance for this being quite a long post, its just the situation is rather specific and I can't find a solution anywhere.
I have been designing a Single Sign On system for the company I ...
0
votes
0
answers
43
views
Claims are not parsed when running API and OpenIdDict auth server in WebApplicationFactory
I am implementing api auth using an OpenIdDict auth server and custom-made role based authorization. Everything works perfectly when running the api and auth server, and testing manually with Postman.
...
- 103
0
votes
0
answers
110
views
.Net 8 Blazor Auto Render Auth State Resetting
I am migrating my Blazor WASM app to the auto render scheme. One issue I have come accross is the auth state re setting (I assume this is after the switch from blazor server to blazor wasm).
I have an ...
- 1,352
0
votes
0
answers
38
views
OpenIddict Claims Issue: The 'active' parameter is malformed or isn't of the expected type
I'm getting the following error on OpenIddict logs. It wasn't happening, and now it is and I can't figure out what is going on.
The event OpenIddict.Validation.OpenIddictValidationEvents+...
- 3,507
0
votes
0
answers
44
views
OpenIddict encrypting of jwt
Using OpenIddict 3, there was a 'enc' value set in the authorization.header, indicating that the accessToken was encrypted.
Now that I've upgraded to OpenIddict 5.6, this value no longer exists (is ...
- 1,943
0
votes
0
answers
84
views
OpenIDDict is not generating tables for .net framework OWIN and entity framework
I am implementing OIDC for my legacy application which is based on .net framework v4.6.2. While following the documentation from OpenIDdict website, it does not create tables which OpenIddict requires....
- 55
0
votes
0
answers
78
views
OpenIddict Introspection + .net Aspire (Service Discovery)
I'm trying to get introspection working with .net Aspire Integration tests, which use random ports for everything. In regular mode the port is consistent and thus setting the issuer using the ...
- 3,507
0
votes
1
answer
237
views
How to set refresh token in cookies for OpenIddict Asp.Net Core
I'm learning OpenIddict follow some samples of them but i didn't find how to set response refresh token in cookies and use the cookie to authenticate. The current behavior I make it work is the ...
- 3
2
votes
0
answers
169
views
Getting a 404 Not found for OpenIddict even if "The token request was successfully validated."
I am attempting to use OpenIddict to set up a client credentials flow using
services.AddDbContext<MyDbContext>(options =>
{
options.UseOpenIddict();
}
services.AddOpenIddict()
....
- 3,162
1
vote
1
answer
162
views
How to make redirect after logout using OpenIddict?
I have logout endpoint that invalidates user token and should perform redirect to login page after logging user out
[HttpGet("logout")]
[HttpPost("logout")]
[ApiVersion(&...
- 41
1
vote
0
answers
101
views
Issue with Error Type Logs in OpenIddict v5.2.0
I am currently experiencing an issue with logging error types while using OpenIddict.
In version 4.8.0, error type logs were correctly captured. However, after upgrading
to the latest version (5.2.0), ...
- 11
0
votes
0
answers
20
views
OpenIdDict - ApplicationID and AuhtorizationId in Tokens
I am implementing my data layer for a project I am involved.
I wonder why the Token entity has a reference to the Application Entity and also to the Authorization Entity since the Authorization Entity ...
0
votes
1
answer
87
views
Problem mapping OIDC and OAuth 2.0 concepts to my application
I am trying to implement an SSO server so that my ASP.NET Core MVC applications can:
Authenticate users with the SSO server
Get the user's roles and claims from the SSO server
Every T minutes I want ...
1
vote
2
answers
418
views
Easy way to administrate (add and remove) OpenIddict clients?
I'm using the latest version (5.6.0) of the NuGet package OpenIddict in an ASP.NET Core project with .NET 8. They have an example on https://documentation.openiddict.com/guides/getting-started/...
- 3,873
0
votes
1
answer
48
views
Using FindByResourceAsync in IOpenIddictScopeManager
I need to use IOpenIddictScopeManager.FindByResourceAsync to retrieve scopes associated with a resource, I only need the scope name not the whole descriptor object, but the return type is ...
- 7,409
0
votes
1
answer
236
views
Localhost authorize page not found
I have a single monolith application running on ASP.NET Core using ABP.IO framework. Currently having a problem with authorization with swagger UI. It was working fine but suddenly not.
When i click ...
0
votes
1
answer
180
views
OpenIddict Certificates - System.Security.Cryptography.CryptographicException: Bad Data
I have an API Web Application hosted in azure (free tier) using OpenIddict for authorization.
I am in the process of trying to setup OpenIddict in the hosted environment to use 2 self signed ...
- 141
0
votes
1
answer
37
views
AccessToken lifetime should be different for UI users and API clients
I'm using authorization code flow to login UI users and client credentials to login API clients.
AccessToken lifetime should be few minutes for UI users but few hours for API clients.
I'm using ...
- 41
0
votes
1
answer
163
views
How to authenticate (OIDC SSO) between applications
I have two OIDC server applications created in .net core c# which have their own server and client, After successful login from server app 1, I need to provide a razor page with the button "...
- 4,425
0
votes
1
answer
113
views
Is having the full OpenIddict request in the ReturnUrl for my login page standard practise & secure? .NET 8.0
As the title suggests, I'm implementing an authorization flow into my Angular app/.NET API with PKCE. My angular app will initiate the auth flow, which in-turn directs the user to my login razor page ...
- 141
0
votes
0
answers
54
views
Invalid tokens after creating the ABP IO container with OpenIddict
Invalid tokens after after creation
the docker of the ABP IO container with OpenIddict. Data Protection is stored in a non-container, but the token signature changes anyway.
Added the builder....
0
votes
0
answers
48
views
Issues with Implementing Sign-out in JavaScript Application Using ASP.NET Core Identity and OpenIddict
I'm currently working on a web application using ASP.NET Core for the backend with Identity and OpenIddict for authentication, and Next.js for the frontend with Next Auth v5. I'm facing issues with ...
- 2,400
0
votes
0
answers
75
views
Continuous loop and "Invalid grant" error during token refresh
I am using an angular application as client and Dotnet server as my backend. After logging in using a custom Dotnet authorization server that implements Openiddict and using the angular-auth-oidc-...
0
votes
1
answer
125
views
Null value when running a Identity Server method
I'm trying to setup a very simple OpenIddict project, but I'm having a lot of problems and questions to make it run.
My project have included just OpenIddict.AspNetCore library and is using Net6.
The ...
- 830
0
votes
0
answers
43
views
Openiddict - Client App loosing authorization when opening a second Client App
I've developed an Identity Server using Openiddict & AspNetCore Identity to handle the SSO for some internal Client Applications.
I'm facing a weird situation when running at least 2 Client Apps ...
- 1
-1
votes
1
answer
108
views
React App accessing ABP.IO Swagger Endpoint returns CORS-Errors (OpenIddict)
After years of MVC I'm doing my first react app and feel like I'm a toddler.
I'm trying to access my ABP.IO Swagger API.
The Url works fine and returns json data correctly, when I try it through the ...
- 446
1
vote
0
answers
125
views
Caching of the Token Introspection
i have wrote the following OpenIddict event which cashes the ClaimsPrincipal for the given token after the Introspection.
public class CacheIntrospectionResponseHandler(IMemoryCache memoryCache, ...
1
vote
1
answer
208
views
Using KeyVaultSecurityKey as asymmetric signing key in OpenIddict server
I am trying to set up an OpenIddict server that uses Azure Key Vault keys to perform JWT signing (I am not trying to store an RSA key in an AKV Secret and then use that; I am trying to set up ...
- 5,782
1
vote
0
answers
126
views
I want to creating a setup script to seed database in openiddict
I am a developer student and working on a openiddict project that is almost done. Before using it in production i want to seed the database in the proper production-ready way. In Openiddict samples, ...
- 11
0
votes
0
answers
140
views
OpenIddict/OIDC Redirect to Auth Server on Logout
I created an OpenIddict auth server for my existing application which uses AspNetCore Identity. The login process works great, but I have an issue with the logout process. I want it to automatically ...
- 184
0
votes
0
answers
100
views
openiddict server with own user validation
I new in openiddict and I see that openiddict uses its own database schema to store users and roles.
I would like to avoid that and use my own schema in any database.. and implement my own sql query ...
