Hi all, I have implemented automatic token cleanup with the below code.
public IServiceProvider ConfigureServices(IServiceCollection services)
const string connectionString = @"Data Source=(LocalDb)\MSSQLLocalDB;database=IdentityServer4.EntityFramework-2.0.0;trusted_connection=yes;";
var migrationsAssembly = typeof(Startup).GetTypeInfo().Assembly.GetName().Name;
// this adds the operational data from DB (codes, tokens, consents)
options.ConfigureDbContext = builder =>
sql => sql.MigrationsAssembly(migrationsAssembly));
// this enables automatic token cleanup. this is optional. options.EnableTokenCleanup = true; options.TokenCleanupInterval = 30; // interval in seconds });
After the implementation my Azure SQL DB's DTO percentage getting increased suddenly DTO percentage getting increased around 90 to 100 % once after the deployment in my WebApp . It cause my application. If anyone knows kindly let me know. I'm trying to understand what I did wrong.
hi All, I was wondering if I could get a hand with a URL that I am messing up on somehow:
this provides a code that then states unauthorized_client when calling /connect/token with client_id=rw.MobileClient (and the bearer token has the same)
@rhertenstein_twitter IdentityServer4 writes to Microsoft.Extension.Logging ILogger. Usually more information is written there. I would suggest diving into those and posting back some logs if you can't resolve it.
Here are a few places that will return an unauthorized_client error https://github.com/IdentityServer/IdentityServer4/blob/master/src/IdentityServer4/src/Validation/Default/AuthorizeRequestValidator.cs
We are misusing claims for authorization purposes and our app is crashing (CGI app encountered an error and the server terminated the process) after a user logs in with say 3,000 claims. This happens when we use local login. We can't find the code where the claims are being added to the "ClaimsPrincipal". We also support remote login (via Microsoft) and we did find how to disable it there. In that case there was a separate line of code which added the claims to the principal which we simply commented out. For authorization we created a class that checks the user's claims via the database instead.
So we are stuck at "Where does Identity server append the claims to a locally logged in user?" and "How do we prevent it from doing so?".
I've encountered a problem after upgrading from 2.2.x version to 3 of Identity Server 4. The issue is that tokens according to IdentityServer3.AccessTokenValidation library are no longer valid. After investigation, I've found out that audience that existed in the previous version
auth.ouridentityserver-instance.com/resources no longer exist in the new version, thus this is my prime suspect.
Has anyone else encountered this problem, or have some idea what's wrong with it?