Menu
I'm using the latest react SPA .NET Core 3 template and wondering is there a way to set the "AccessTokenLifetime" for a client, where obviously that client is my SPA.
I've been looking here https://github.com/aspnet/AspNetCore.Docs/blob/master/aspnetcore/security/authentication/identity-api-authorization.md#application-profiles and I've tried quite a few different things.
But doesn't seem there is a way to set client properties, other than the few detailed on the page above eg RedirectUri, LogoutUri
985
After a bit of hunting I found that you can do it during the call to AddApiAuthorization<ApplicationUser, ApplicationDbContext>(); in the Startup
Replace it with:
services.AddIdentityServer()
.AddApiAuthorization<ApplicationUser, ApplicationDbContext>(opt =>
{
foreach (var c in opt.Clients)
c.AccessTokenLifetime = 120; // Expiration in Seconds
});
All of the Token settings for Identity Server seem to be settable here.
Note that the collection of Clients is determined by your configuration. In the case of the basic dotnet net react -o <name> -au Individual template, the following is in the appSettings.json using the name of the project (the -o option to the dotnet command):
"IdentityServer": {
"Clients": {
"ReactAppIdentity": {
"Profile": "IdentityServerSPA"
}
}
I dug around in the source code but unfortunately I couldn't see a way to set these settings via configuration.
183
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
