I am trying to get the Asp.Net Identity Sample of the Identity Server working in my Web Api project, and a beginner I am trying to work on getting tokens and sending request to APIs using the the bearer tokens.
So using fiddler, I can send a request to the https://localhost:44333/core/connect/token with the following content: client_id=roclient&client_secret=secret&grant_type=password&username=bob&password=mypass&scope=read write offline_access and it works fine, I get the access token and the refresh token.
Then I have a Web Api project in my solution, which has the code to use the bearer token:
app.UseIdentityServerBearerTokenAuthentication(new IdentityServerBearerTokenAuthenticationOptions
{
Authority = "https://localhost:44333",
ValidationMode = ValidationMode.ValidationEndpoint,
RequiredScopes = new[] { "api1" }
});
and a test controller in which an api is protected using the [Authorize] decorator.
As I said, fetching the token works fine, but when I use fiddler to send the request to the api I always get "401 authorization denied..." thing.
What I put in my fiddler request is of course:
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6ImE...
Am I doing anythign wrong?
In your Token request, you are requesting the read and write scope. Your api checks for the api1 scope. This cannot work.