我们可以在Identity Server 4中设置静态发行者吗? [英] Can we set a static issuer in Identity Server 4?

问题描述

作为响应的访问令牌包含以下声明:

The access token in response contains the following claims:

"alg": "RS256",
"kid": "143e829c2b57489969753ba4f8205979df0da988c640cffa5f1f4eda1b6e6aa4",
"typ": "JWT"
"nbf": 1481451903,
"exp": 1481455503,
"iss": "https://localhost:44350",
"aud": [ "https://localhost:44350/resources", "customAPI" ],
"client_id": "oauthClient",
"scope": [ "customAPI.read" ]

这是告诉我的应用程序使用IdentityServer进行身份验证的配置

And here is the config to tell my application to use IdentityServer to authenticate

app.UseIdentityServerAuthentication(
    new IdentityServerAuthenticationOptions
        {
            Authority = "https://localhost:44350/",
            ApiName = "customAPI",
            ApiSecret = "secret",
            AllowedScopes = {"customAPI.full_access", "customAPI.read_only" },                
            RequireHttpsMetadata = false
        });

除 https://localhost:44350/之外，我如何允许用户在IdentityServer的不同别名上进行身份验证例如: http://192.168.1.20:44350/?

How do I allow the user to authenticate on different alias of the IdentityServer aside https://localhost:44350/ e.g : http://192.168.1.20:44350/?

当前，从后一个域获取的令牌在我的将权限"设置为前一个域的客户端上被视为无效.

As currently the token get from the latter domain is deemed as invalid on my client which has the Authority setting to the former domain.

推荐答案

在 ConfigureServices 方法中添加IdentityServer时，可以设置静态发行者名称.它位于传递给 AddIdentityServer 的选项上.

You can set a static issuer name when adding IdentityServer in the ConfigureServices method. It's on the options passed into AddIdentityServer.

https://identityserver4.readthedocs.io/en/release/reference/options.html

这篇关于我们可以在Identity Server 4中设置静态发行者吗?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！