Is there a way to connect/disconnect external OpenId providers IdentityServer 4 "on the fly"
IdentityServer 4 documentation says: "To add support for OpenID Connect authentication to the MVC application, you first need... ...then add the following to ConfigureServices in Startup:
services.AddAuthentication(options =>
{
options.DefaultScheme = "Cookies";
options.DefaultChallengeScheme = "oidc";
})
.AddCookie("Cookies")
.AddOpenIdConnect("oidc", options =>
{
options.Authority = "https://localhost:5001";
options.ClientId = "mvc";
options.ClientSecret = "secret";
options.ResponseType = "code";
options.SaveTokens = true;
});
"
This example shows, how to connect external providers on server runtime.
Is there a way to connect/disconnect it, when server already runs, like "on the fly"?
Thanks.
A better approach is to introduce an internal authentication service (like IdentityServer or OpenIDDict) like this:
My rule of thumb is that your internal clients and APIs should only have to trust one issuer of access tokens. This approach also allows you to standardize what the access and ID token look like internally in your architecture, like this:
Warning: I doubt it is a good idea to allow your end-users to be able to add any OpenID provider they like because then a hacker could impersonate any email in your system. As it is all based on trust!
One approach to supporting dynamically multiple OIDC providers is to hook into the various events exposed by AddOpenIDConnect, dynamically route the authentication request to the correct OIDC server, and handle the response.
- Is there a way to connect/disconnect external OpenId providers IdentityServer 4 "on the fly"
- Clarification on Identityserver 4 protecting API scopes with ApiResources
- Exchanging azure AD token with Identity server token
- IdentityServer4 and SSO
- Invalid_client using OpenIdConnect in client application
- "Key vault reference error" in azure web app configuration setting
- why offline_access scope is needed to request refresh token in IdentityServer (OAuth2)?
- Identity Server 4 ASP.NET Quickstart 'refused connection'
- Bearer token not set as expected
- Setting up JWT authentication using the Identity Server and get access token
- ApiResource vs ApiScope vs IdentityResource
- C# .Net Core API Authorized route with Identity Server 4
- User.Identity.Name is null after local login
- Error with Identity Server and Client App
- Token Request Failing and Returning error invalid grant
- Is "scope" a standard claim?
- Adding External OAuth Authentication via AddOauth
- Understanding the IdentityServer and API communication
- Can't get access token from Identity Server 4 when using IHttpClientFactory and Intercept HttpClient GetAsync
- How can run the IdentityServer for Macos?
- Share authentication cookie between IdentityServer4 clients
- Use of external authentication provider for user credentials, private IdentityServer for token generation
- Migration To NET6
- Identity Server 4: Why i receive unauthorized_client?
- identityserver4 Correlation failed
- Authentication using both Session cookies and/or JWT Bearer Token in .Net Framework Legacy Appliction
- ASP.NET Core JWT authentication changes Claims (sub)
- Set cookie not over HTTPS in ASP.NET Core
- Duende Identity Server Internal API Authorization
- Authorize callback endpoint keeps redirecting to the user interaction login page IdentityServer