I am following this doc http://docs.identityserver.io/en/release/topics/clients.html which says to create a client with ClientSecrets = "secret".Sha256() and I get the hashed value is of K7gNU3sdo+OL0wNhqoVWhr3g6s1xYv72ol/pe/Unols=
When I try to use the client with the hashed value:
options.ClientSecret = "K7gNU3sdo+OL0wNhqoVWhr3g6s1xYv72ol/pe/Unols=";
I get an error saying "invalid_client".
But If I use options.ClientSecret = "secret";
it works.
How can I use my client with the hashed value?
Hashing is for storage. So when you data store gets compromised, the attacked cannot easily get to the real secrets.
The client sends secrets unhashed.