search

IdentityServer / IdentityServer3

OpenID Connect Provider and OAuth 2.0 Authorization Server Framework for ASP.NET 4.x/Katana
https://identityserver.github.io/Documentation/
Apache License 2.0
2.01k stars 764 forks source link

id_token in cookie makes cookie size large #3432

Closed olonga closed 7 years ago

olonga commented 7 years ago

Question / Issue

I have been putting id_token in auth cookie since you need this token while doing single sign out.
notification.ProtocolMessage.IdTokenHint = notification.OwinContext.Authentication.User.FindFirst("id_token").Value;

However, it makes the cookie size larger. So, we were thinking if this is the only time, we need it, it would perhaps be not a bad idea to store it in a database for the user. This way, we could retrieve it before doing the sign out and send it to the ids and will also keep the auth cookie size smaller. Please advise. Thanks.

Relevant parts of the log file

<log goes here>
brockallen commented 7 years ago

This seems to be a general question about IdentityServer - not a bug report or an issue.

Please use StackOverflow for that. This has the advantage that questions and answers can be easily found by search engines, and that there are more people answering questions than just us.

For IdentityServer3 https://stackoverflow.com/questions/tagged/?tagnames=identityserver3&sort=newest

For IdentityServer4 https://stackoverflow.com/questions/tagged/?tagnames=identityserver4&sort=newest

For commercial support https://identityserver.io/