manjhari
commented
8 years ago I'm closing this as I think it is in the wrong section. I have moved it to IdentityServer3.AccessTokenValidation
Closed manjhari closed 8 years ago
manjhari
commented
8 years ago I'm closing this as I think it is in the wrong section. I have moved it to IdentityServer3.AccessTokenValidation
Hi, I am working on a project where we want to have an IdentityServer hosted on IIS with angular clients and .net APi's hosted on other application servers. We are using the resource owner flow and want the angular client to get an access token and then call the API.
To get this in development I am just using postman as my client for now with a locally hosted (Laptop) identityserver and same host for API. I have created an SSL cert using makecert and installed in trusted root certificates authorities. My hostname is XT87A.
I am easily able to use Postman to get the token via https://XT87A/core/connect/token and then use that token (also via postman) to call my API end point. Problem comes from the API, the error it is returning is Response status code does not indicate success: 404 (Not Found). In the stack trace I see it is calling https://XT87A/core/.well-known/openid-configuration which works in postman perfectly well. However it is also calling https://XT87A/core/core/.well-known/jwks. This is not available, however https://XT87A/core/.well-known/jwks works fine. I don't know why it is putting the extra "core" in the url.
My api startup is wired as follows: private void ConfigureIdentityTokenConsumption(IAppBuilder app) { app.UseIdentityServerBearerTokenAuthentication(new IdentityServerBearerTokenAuthenticationOptions { Authority = "https://XT87A/core", IssuerName = "XT87A", ValidationMode = ValidationMode.Local, RequiredScopes = new[] { "api" } });
Any help would be greatly appreciated