I followed these links:
These are my settings:
services.AddIdentityServer()
.AddApiAuthorization<ApplicationUser, ApplicationDbContext>();
services.AddAuthentication()
.AddIdentityServerJwt();
services.ConfigureNonBreakingSameSiteCookies();
// Adjust to this (or similar)
services
.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
.AddCookie(options =>
{
// add an instance of the patched manager to the options:
options.CookieManager = new ChunkingCookieManager();
});
And then in the configure:
app.UseCookiePolicy();
I am trying to run identity over http. I get those errors when setting certain (but not all) cookies, and I completely fail to delete the cookies in chrome
Everything is okay in your code, but you should more configure your cookies.
Add additional attributes - Secure
, HttpOnly
and SameSite
in AddCookie
. More information in official documentation
Example:
services
.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
.AddCookie(options =>
{
// add an instance of the patched manager to the options:
options.CookieManager = new ChunkingCookieManager();
options.Cookie.HttpOnly = true;
options.Cookie.SameSite = SameSiteMode.None;
options.Cookie.SecurePolicy = CookieSecurePolicy.Always;
});