All Questions
Tagged with openid-connect identityserver4
715
questions
0
votes
1
answer
67
views
why offline_access scope is needed to request refresh token in IdentityServer (OAuth2)?
I have to set AllowOfflineAccess = true to get refresh token
public static class Config
{
public static IEnumerable<Client> Clients =>
new Client[]
{
new ...
0
votes
2
answers
29
views
why Relying Party doesn't honour IdentityServer's `IdentityTokenLifetime` setting?
I set IdentityTokenLifetime (https://github.com/DuendeSoftware/IdentityServer/blob/e9860c6488f90e8fbc11a4452b9dd111dbfae933/src/Storage/Models/Client.cs#L187) to a very small value 60 seconds, but ...
0
votes
0
answers
76
views
Blazor Web App and Duende IdentityServer keeps getting logged out
I've set up the following,
Duende IdentityServer (IDP)
API
Blazor Web App (.Net 8)
The Web App consists of a Server and Client project.
When logging in I get authenticated and able to retrieve data ...
0
votes
1
answer
24
views
Identity server redirection problems on the same browser instance
I have a problem when I use many account in the same instance of browser.
In the first connection from my site to the client site, the authorize endpoint is invoking, and I have in the log: "No ...
0
votes
0
answers
18
views
window.addEventListener('load',... does not trigger on Chrome on iOS (iPad)
We are using identity Server 4.
We are using .NET Core RazorPages web-applications.
They authenticate via openid-connect
While authentificating,the client is redirected to a html page with a hidden ...
0
votes
0
answers
25
views
In Identity Server, How to silently re-sign in an already logged session?
I had a configuration client + handler that worked only with cookies.
I have many users already logged with that cookies
That configuration didn't emit tokens, then I changed the client + handler to ...
0
votes
0
answers
36
views
Identity Server 4 add saml2 client
We have an identity server 4 as our identity provider. It uses openId and we have all the clients configured using the OpenId protocol. We have a portal that uses one of these clients for ...
0
votes
0
answers
47
views
Call Databricks Api from IdentityServer4 client
I am using IdentityServer4 with Microsoft Entra Id as my external login provider. I want to access Databricks api via IdentityServer4.
I have registered IdentityServer4 in Entra and configured ...
0
votes
0
answers
14
views
IdentityServer4 "Unknown location" when redirecting to client
I am using IdentityServer application as an external provider. After redirecting from IdentityServer back to my application I am getting "500 unable to unprotect message state. Unknown location&...
0
votes
0
answers
145
views
IdentityServer 4 - idsrv and idsrv.session cookies blocked on signin-oidc call
I'm working with IDS4 behind a reverse proxy. I find these IdentityServer cookies blocked on the signin-oidc call:
Blocked Cookies
(https://i.sstatic.net/zimtm.png)
The error msg on the cookies is:
&...
0
votes
0
answers
101
views
How can I get the access token from IdentityServer4 for an external login user which does not even have a password?
I am able to call or redirect to IdentityServer endpoint "GoogleLogin" from my SPA using html anchor tag href. And then, I got redirected to Google sign-in screen, on a successful sign-in, ...
0
votes
0
answers
46
views
Does Microsoft.AspNetCore.Authentication.MicrosoftAccount validate claims to mitigate N0Auth?
When using the Nuget package "Microsoft.AspNetCore.Authentication.MicrosoftAccount" (https://www.nuget.org/packages/Microsoft.AspNetCore.Authentication.MicrosoftAccount/), does this follow ...
0
votes
1
answer
528
views
.NET 5 Unable to unprotect the message.State when trying the sign-in callback
We are running an Azure app service (linux) which is used for authentication and authorization. It is using Microsoft Identity to use Azure AD authentication, so we are using Azure ad oidc. Couple of ...
0
votes
2
answers
281
views
Wildcards support for AllowedCorsOrigins in IdentityServer4
I use IdentityServer4 to login to my app using authorization_code flow.
I need to add support of wildcards for AllowedCorsOrigins in IdentityServer4 client configuration. I created my implementation ...
0
votes
2
answers
97
views
How to Get Rid of Unwanted Issued Cookie Claims in IdentityServer4
I am using IdentityServer4 with id_token flow. At the moment, I am only storing about 2 custom claims, but my cookie is already nearing size limit 3623/4093 bytes, because apparently IdentityServer4 ...