Skip to content

Files

Latest commit

 

History

History
46 lines (38 loc) · 1.21 KB

identity-server-3.md

File metadata and controls

46 lines (38 loc) · 1.21 KB

Identity Server 3

This library supports authenticating with Identity Server 3. The only difference from Identity Server 4 is that it requires a clientSecret and there is no way to opt out of it.

// You must include a clientSecret
const config = {
  issuer: 'your-identityserver-url',
  clientId: 'your-client-id',
  clientSecret: 'your-client-secret',
  redirectUrl: 'com.your.app.name:/oauthredirect',
  scopes: ['openid', 'profile', 'offline_access']
};

// Log in to get an authentication token
const authState = await authorize(config);

// Refresh token
const refreshedState = await refresh(config, {
  refreshToken: authState.refreshToken,
});

// Revoke token, note that Identity Server expects a client id on revoke
await revoke(config, {
  tokenToRevoke: refreshedState.refreshToken,
  sendClientId: true
});
Example server configuration
var client = new Client
{
  ClientId = "native.code",
  ClientName = "Native Client (Code with PKCE)",
  Flow = Flows.AuthorizationCodeWithProofKey,
  RedirectUris = { "com.your.app.name:/oauthredirect" },
  ClientSecrets = new List<Secret> { new Secret("your-client-secret".Sha256()) },
  AllowAccessToAllScopes = true
};