Identity Server 4 Demo returning Invalid ClientId

Question

I'm trying to use a demo version of identity server 4 (https://demo.identityserver.io/) as an External Authentication Provider and it's not working anymore. I keep getting unauthorized_client error as following:

I tested the integration with the Demo version of Identity Server 4 in Mid-May and I can confirm that it's all working fine. I used it in our demo session internally in the company.

But when I tested it today again, I ran into the above error.

this is my original code which worked correctly in May:

        .AddOpenIdConnect("demoidsrv", "IdentityServer", options =>
        {
            options.SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme;
            options.SignOutScheme = IdentityServerConstants.SignoutScheme;

            options.Authority = "https://demo.identityserver.io/";
            options.ClientId = "implicit";
            options.ResponseType = "id_token";
            options.SaveTokens = true;

            options.Scope.Add(IdentityServerConstants.StandardScopes.OpenId);
            options.Scope.Add(IdentityServerConstants.StandardScopes.Profile);
            options.Scope.Add(IdentityServerConstants.StandardScopes.Email);

            options.CallbackPath = "/signin-idsrv";
            options.SignedOutCallbackPath = "/signout-callback-idsrv";
            options.RemoteSignOutPath = "/signout-idsrv";
        });  

I tried to apply the latest codes in the online documentation Online Docs. But I still have the same error.

.AddOpenIdConnect("oidc", "Demo IdentityServer", options =>
    {
        options.SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme;
        options.SignOutScheme = IdentityServerConstants.SignoutScheme;
        options.SaveTokens = true;

        options.Authority = "https://demo.identityserver.io/";
        options.ClientId = "native.code";
        options.ClientSecret = "secret";
        options.ResponseType = "code";

        options.TokenValidationParameters = new TokenValidationParameters
        {
            NameClaimType = "name",
            RoleClaimType = "role"
        };
    });    

So, I downloaded the latest samples/QuickStart from the Github Repo from Identity server 4 QuickStart. I tested the 3_AspNetCoreAndApis solution from the Quickstarts folder and got the same unauthorized_client error.

Is there anyone who are using this demo server as for the testing purpose? I think, something must have been changed in Idsv Demo server setup recently.

Could you please help me which client_id / secret should I use to use Demo Identity Server to test the External Authentication provider? Thanks.

Answer 1

It's because Identity Server team has changed the clientIds, credentials and secrets recently.

Here is the working code as of today:

services.AddAuthentication()                
            .AddOpenIdConnect("demoidsrv", "IdentityServer", options =>
            {
                options.SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme;
                options.SignOutScheme = IdentityServerConstants.SignoutScheme;

                options.Authority = "https://demo.identityserver.io/";
                options.ClientId = "login";
                options.ResponseType = "id_token";
                options.SaveTokens = true;

                options.Scope.Add(IdentityServerConstants.StandardScopes.OpenId);
                options.Scope.Add(IdentityServerConstants.StandardScopes.Profile);
                options.Scope.Add(IdentityServerConstants.StandardScopes.Email);

                options.CallbackPath = "/signin-aholdibm";
                options.SignedOutCallbackPath = "/signout-callback-idsrv";
                options.RemoteSignOutPath = "/signout-idsrv";
            });