I am trying to integrate IdentityServer4 with ASP.NET Identity. The documentation is very good: https://identityserver4.readthedocs.io/en/latest/quickstarts/6_aspnet_identity.html

But I would like to be able to make the connection without going through the login page, and instead make direct access via a simple GET while passing the parameters.

I found this article: https://damienbod.com/2017/04/14/asp-net-core-identityserver4-resource-owner-password-flow-with-custom-userrepository/

with this method:

var response = await _httpClient.RequestPasswordTokenAsync(new PasswordTokenRequest
{
    Address = _disco.TokenEndpoint,

    ClientId = "resourceownerclient",
    ClientSecret = "dataEventRecordsSecret",
    Scope = "email openid dataEventRecords offline_access",

    UserName = user,
    Password = password
});

But I can't make it work with Postman.

I have an "invalid_request" error.

Here is the client's statement:

new Client
{
    ClientId = "resourceownerclient",

    AllowedGrantTypes = GrantTypes.ResourceOwnerPasswordAndClientCredentials,
    AccessTokenType = AccessTokenType.Jwt,
    AccessTokenLifetime = 3600,
    IdentityTokenLifetime = 3600,
    UpdateAccessTokenClaimsOnRefresh = true,
    SlidingRefreshTokenLifetime = 30,
    AllowOfflineAccess = true,
    RefreshTokenExpiration = TokenExpiration.Absolute,
    RefreshTokenUsage = TokenUsage.OneTimeOnly,
    AlwaysSendClientClaims = true,
    Enabled = true,
    ClientSecrets = new List<Secret> { new Secret("dataEventRecordsSecret".Sha256()) },
    AllowedScopes = {
        IdentityServerConstants.StandardScopes.OpenId, 
        IdentityServerConstants.StandardScopes.Profile,
        IdentityServerConstants.StandardScopes.Email,
        IdentityServerConstants.StandardScopes.OfflineAccess,
        "dataEventRecords"
    },
    AllowAccessTokensViaBrowser = true
}

What is the recommended way to be able to use ASP.NET Identity in this way?

1 Answer

You are missing grant_type in your Postman request:

POST /connect/token

    client_id=resourceownerclient&
    client_secret=dataEventRecordsSecret&
    grant_type=password&
    username=damienbod&
    password=damienbod&
    scope=email%20openid%20dataEventRecords%20offline_access

Not sure if this is the only issue you have, but it is definitely one of them. The IdentityServer logs will contain more details of what is wrong with the request if this is not the only problem.
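An added example, not part of the answer above and not IdentityServer4's own code: a small C# check of a token request against the RFC 6749 rules for the password grant (POST, form-encoded body, `grant_type=password`, `username`, `password`). The endpoint host is a placeholder and both sample requests are constructed here.

```csharp
using System;
using System.Collections.Generic;
using System.Net.Http;
using System.Web;

// Added example: RFC 6749 (sections 3.2 and 4.3.2) checks for a password-grant
// token request. This is not IdentityServer4's own validation code.
static class PasswordGrantCheck
{
    static readonly string[] Required = { "grant_type", "username", "password" };
    public static List<string> Problems(HttpRequestMessage request)
    {
        var problems = new List<string>();
        if (request.Method != HttpMethod.Post)
            problems.Add("token requests must use POST, not " + request.Method);
        var mediaType = request.Content?.Headers.ContentType?.MediaType;
        if (mediaType != "application/x-www-form-urlencoded")
            problems.Add("body must be application/x-www-form-urlencoded");
        // Parameters are read from the form body; a query string does not count.
        var body = request.Content?.ReadAsStringAsync().GetAwaiter().GetResult() ?? "";
        var form = HttpUtility.ParseQueryString(body);
        foreach (var name in Required)
            if (string.IsNullOrEmpty(form[name]))
                problems.Add("missing form parameter: " + name);
        var grant = form["grant_type"];
        if (!string.IsNullOrEmpty(grant) && grant != "password")
            problems.Add("grant_type must be \"password\" for this flow");
        return problems;
    }
    static void Main()
    {
        const string endpoint = "https://idsrv.example/connect/token"; // placeholder host
        // Constructed sample 1: credentials passed on a GET query string.
        var get = new HttpRequestMessage(HttpMethod.Get,
            endpoint + "?client_id=resourceownerclient&username=damienbod&password=damienbod");
        // Constructed sample 2: the form body shown in the answer above.
        var post = new HttpRequestMessage(HttpMethod.Post, endpoint)
        {
            Content = new FormUrlEncodedContent(new Dictionary<string, string>
            {
                ["client_id"] = "resourceownerclient", ["client_secret"] = "dataEventRecordsSecret",
                ["grant_type"] = "password", ["username"] = "damienbod", ["password"] = "damienbod",
                ["scope"] = "email openid dataEventRecords offline_access"
            })
        };
        foreach (var p in Problems(get)) Console.WriteLine("GET:  " + p);
        Console.WriteLine("POST problems: " + Problems(post).Count);
    }
}
```

On a GET, the username and password would also travel in the URL, where proxies and web server access logs typically record them.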
