DuendeSoftware / Support

Support for Duende Software products
21 stars 0 forks source link

Is it possible to secure a .net 4.7.2 web api with Duende #1402

Closed n8all3n closed 2 months ago

n8all3n commented 2 months ago

Which version of Duende IdentityServer are you using? 7.0.6 Which version of .NET are you using? 4.72

Describe the bug I'm fairly new to Duende and want to try to see if it will work to secure a WebApi written in .net 4.7.2. Currently it's using IdentityServer3.AccessTokenValidation since the token was coming from Sitefinity 13 Identity server.

Currently it's using code like this on the web api side

 app.UseIdentityServerBearerTokenAuthentication(new IdentityServerBearerTokenAuthenticationOptions
 {
     Authority = "https://sitefinitysts"
     RequiredScopes = new [] { "openid", "profile" },
     PreserveAccessToken = true,
     DelayLoadMetadata = true
 });

I understand this is not the correct way to do this with Duende. Is there any example or docs you can point me to that secures a .net 4.7.2 web api using Duende.

Thanks in advance for any guidance on this, as I'm absolutely loving Duende so far!

n8all3n commented 2 months ago

Sorry this was totally my mistake, and I had my scopes incorrect, and didn't have signing configured correctly, so am closing it.

For the record I was able to use the IdentityServer3.AccessTokenValidation like in the code above with Duende.