How to use identityserver3 in asp.net core 2.0 webapi to validate token from Identityserver3 server

Question

I have a identityserver which is using IdentityServer3 to issue tokens.

I am creating an asp.net core 2.0 api client.

How to validate the token issued by Identityserver3 in ASP.Net Core 2.0 api application?

I tried to install Identityserver3.AccessTokenValidation.AspNetCore, but getting error saying it is not compatible with core.

Can anyone help me how to do this?

Thanks

Answer 1

With .Net Core 2 you can use IdentityServer4.AccessTokenValidation to validate IdentityServer3 token , just make sure to add this line in ConfigureServices method

options.LegacyAudienceValidation = true;

the ConfigureServices should look like this :

public void ConfigureServices(IServiceCollection services)
        {
            services.AddMvcCore(options =>
            {
                // IS3 does not include the api name/audience - hence the extra scope check
                options.Filters.Add(new AuthorizeFilter(ScopePolicy.Create("api")));
            })
                .AddAuthorization();

            services.AddAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme)
                .AddIdentityServerAuthentication(options =>
                {
                    options.Authority = "http://localhost:5002";
                    options.RequireHttpsMetadata = false;

                    options.ApiName = "api";
                    options.ApiSecret = "secret";

                    // this is only needed because IS3 does not include the API name in the JWT audience list
                    // so we disable UseIdentityServerAuthentication JWT audience check and rely upon
                    // scope validation to ensure we're only accepting tokens for the right API
                    options.LegacyAudienceValidation = true;
                });
        }

for more information you can refer to this link