search

IdentityServer / IdentityServer4

OpenID Connect and OAuth 2.0 Framework for ASP.NET Core
https://identityserver.io
Apache License 2.0
9.23k stars 4.01k forks source link

identityserver4 authorize endpoint not without client secret,but token endpoint must use client secret #5387

Closed AlbertXiaoPeng closed 2 years ago

AlbertXiaoPeng commented 2 years ago

identityserver4 authorize endpoint not without client secret,but token endpoint must use client secret

Question

Instead of using PKCE and Client Secret for authorize endpoint access, the relevant content of Figure 1 below is used. (GET Method) However, when accessing the Token endpoint, you need to use the Client Secret, as shown in Figure 2 below. (Post Method)

Images

image1 image

image2 image

How to achieve I use RequireClientSecret:true, but I get an error when accessing the authorize endpoint

Translated with www.DeepL.com/Translator (free version)

stale[bot] commented 2 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Questions are community supported only and the authors/maintainers may or may not have time to reply. If you or your company would like commercial support, please see here for more information.

github-actions[bot] commented 2 years ago

This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.