Cannot use Local or Both validation modes when embedding IDS3

[zsims]

When using a ValidationModel.Local or ValidationMode.Both. Per the docs the discovery endpoint is hit to look up the IssuerName and SigningCertificate.

However, when hosting IDS3 in the same Katana app the discovery endpoint (obviously) isn't available. UseIdentityServerBearerTokenAuthentication throws:

An exception of type 'System.InvalidOperationException' occurred in IdentityServer3.AccessTokenValidation.dll but was not handled in user code

Additional information: IDX10803: Unable to create to obtain configuration from: 'http://localhost:14869/identity/.well-known/openid-configuration'.

I understand this probably isn't a common use-case, but is a valid one? Small repro (modified Simplest OAuth2 Walkthrough sample): https://gist.github.com/zsims/f15b11de7b96c61f2ef5

[leastprivilege]

you need to set issuername and cert manually on the validation middleware in that case.

[zsims]

Thanks for the reply, docs do hint at this. I can raise a PR to clarify if it helps? If not feel free to close this :smile:

[leastprivilege]

Yes do that please

Sent from my iPhone

On 13.11.2015, at 09:58, Zachary Sims notifications@github.com wrote:

Thanks for the reply, docs so hint at this. I can raise a PR to clarify if it helps? If not feel free to close this

— Reply to this email directly or view it on GitHub.

[zsims]

Noticed you did this in https://github.com/IdentityServer/Documentation/commit/fc0ed3a7194b4ec0bf024f6d210ddd2dce59f43a

Thanks for the update!