
How to perform external auth request from Identity Server app?


I am using Identity Server 4 and I need to interact with an external authorization API. The authorization process must be like this:

  1. Client sends a generated token based on the user's data to IdentityServer.
  2. IdentityServer creates a POST request with a specific header and body.
  3. IdentityServer sends this request to ExternalAuthApi and gets a response containing a token.
  4. IdentityServer returns that token to the Client (and caches it).

I looked through docs about External Identity Provider, but it requires interaction between Client and ExternalAuthApi in some way, which I need to avoid.

How to implement direct interaction between IdentityServer and ExternalAuthApi? Is it possible?


Solution

  • I've achieved this using ITokenCreationService.

    I've created my own implementation and added it to services:

        services.AddTransient<ITokenCreationService, ProviderBasedTokenCreationService>();

    3rd party services are now called in CreateTokenAsync like this:

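        // GetProviderClaim() and the TransformTo...Format() helpers are not part of
        // IdentityServer4 and are not shown in this answer.
        public override async Task<string> CreateTokenAsync(Token token)
        {
            // Decide which system issues the token from a claim on the token.
            var provider = token.GetProviderClaim();
            switch (provider)
            {
                case "3rdPartySystem_A":
                    return this._systemAClient.RequestToken(token.TransformToSystemAFormat());
                case "anotherSystem":
                    return this._anotherSystemClient.RequestToken(token.TransformToAnotherSystemFormat());
                default:
                    // No matching provider: fall back to the base implementation.
                    return await base.CreateTokenAsync(token);
            }
        }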
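
The flow from the question (IdentityServer posts to the external API and hands back its token), as an added example that is not code from the question or the answer: it wraps the default token service instead of subclassing it, accepts only allowlisted providers, and fails closed when the external call fails. The `provider` claim type, the endpoint URL, the request fields and the idea that the response body is the token are all assumptions.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Net.Http;
using System.Threading.Tasks;
using IdentityServer4.Models;
using IdentityServer4.Services;

public class ExternalTokenCreationService : ITokenCreationService
{
    private const string ProviderClaimType = "provider"; // assumed claim type
    // Allowlist of provider -> fixed endpoint; the URL is never built from claim data.
    private static readonly IReadOnlyDictionary<string, Uri> Endpoints =
        new Dictionary<string, Uri>
        {
            ["3rdPartySystem_A"] = new Uri("https://external-auth.example/token") // placeholder
        };
    private readonly DefaultTokenCreationService _inner;
    private readonly HttpClient _http;

    public ExternalTokenCreationService(DefaultTokenCreationService inner, HttpClient http)
    {
        _inner = inner;
        _http = http;
    }

    public async Task<string> CreateTokenAsync(Token token)
    {
        var provider = token.Claims.FirstOrDefault(c => c.Type == ProviderClaimType)?.Value;
        // No provider claim: issue a normal IdentityServer token.
        if (provider == null) return await _inner.CreateTokenAsync(token);
        // Unknown provider: refuse instead of silently issuing a local token.
        if (!Endpoints.TryGetValue(provider, out var endpoint))
            throw new InvalidOperationException("Unknown token provider.");

        var body = new FormUrlEncodedContent(new Dictionary<string, string>
        {
            ["subject"] = token.SubjectId ?? string.Empty, // assumed request fields
            ["client_id"] = token.ClientId ?? string.Empty
        });
        using (var response = await _http.PostAsync(endpoint, body))
        {
            response.EnsureSuccessStatusCode(); // non-2xx throws, so no token is issued
            var external = (await response.Content.ReadAsStringAsync()).Trim();
            if (external.Length == 0)
                throw new InvalidOperationException("External provider returned no token.");
            return external;
        }
    }
}
```

It assumes `DefaultTokenCreationService` and an `HttpClient` (with a timeout set) are registered in the container, alongside an `ITokenCreationService` registration like the one in the answer.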