I have an Identity Server 4 running on .NET 5 along with a simple JS SPA client which uses the oidc-client.js library.
The issue is I can't make my Identity Server work with implicit authentication. My SPA client is running on https://localhost:44334 and Identity Server on https://localhost:5005.
When I click on Login, I'm trying to get a token from IdentityServer using oidc-client.js:
```javascript
var config = {
    authority: "https://localhost:5005",
    client_id: "react-client",
    redirect_uri: "https://localhost:44334/callback.html",
    response_type: "id_token token",
    scope: "openid profile Api1",
    post_logout_redirect_uri: "https://localhost:44334/index.html",
};
var mgr = new Oidc.UserManager(config);
mgr.getUser().then(function (user) {
    if (user) {
        log("User logged in", user.profile);
    }
    else {
        log("User not logged in");
    }
});
function login() {
    mgr.signinRedirect();
}
```
Here's my client configuration on Identity Server
```csharp
return new IdentityServer4.Models.Client
{
    ClientId = "react-client",
    ClientName = "React Client",
    AllowedGrantTypes = GrantTypes.Implicit,
    AllowAccessTokensViaBrowser = true,
    RedirectUris = { "https://localhost:44334/callback.html" },
    PostLogoutRedirectUris = { "https://localhost:44334/index.html" },
    AllowedCorsOrigins = { "https://localhost:44334" },
    AllowedScopes =
    {
        IdentityServerConstants.StandardScopes.OpenId,
        IdentityServerConstants.StandardScopes.Profile,
        "Api1"
    }
};
```
Now the issue is, when I click on the login button the browser redirects to IdentityServer but then shows this error.
What am I doing wrong?
I found the issue and resolved it. The issue was that Api1 was not listed in the ApiScopes configuration on Identity Server. The error shown by IdentityServer is too generic to get to the issue.