search

IdentityServer / IdentityServer4.AccessTokenValidation

IdentityServer Access Token Validation for ASP.NET Core
Apache License 2.0
544 stars 214 forks source link

Reference Token Warning for unauthenticated request #61

Closed skolmer closed 7 years ago

skolmer commented 7 years ago

Not sure if this is an issue in the token validator or if I miss something in my configuration. I'm using the following configuration for my api:

            app.UseIdentityServerAuthentication(new IdentityServerAuthenticationOptions
            {
                Authority = authority,
                ApiName = "myapi",
                SupportedTokens = SupportedTokens.Jwt,
                AutomaticAuthenticate = true,
                AutomaticChallenge = true
            });

If I send a request without a token to an api endpoint that does not require authentication I get the following warning: No validator configured for reference token. Ensure ApiName and ApiSecret have been configured to use introspection.

Did I miss something in my configuration? I have set SupportedTokens to Jwt because I don't want to use reference tokens.

Thanks

skolmer commented 7 years ago

Nevermind. I found one request that had just bearer as header value set. ;)