OpenIddict how to create a client with multiple secrets

Is there anyway to create a client in OpenIddict which has multiple secrets.

I was trying to create a client/application and I can only create a secret for that client. I would like to create multiple secrets so I can manage different secrets for the same application.

Solution

It's not natively supported, but you can create your own class derived from OpenIddictApplicationManager<T> and override ValidateClientSecretAsync() to support that.

That said, I'd recommend using the new client assertions feature introduced in OpenIddict 5.0. In this case, attaching multiple keys to the same application is supported.

See https://kevinchalet.com/2023/10/20/introducing-native-applications-per-client-token-lifetimes-and-client-assertions-support-in-openiddict-5-0-preview1/ for more information.

.NET 8 Blazor Server - role authorization with Windows Authentication
Should EFCore migrations be committed to version control?
EF Core one-to-one relation returns one-to-many relation
How to deal with Id property in DTO in ASP.NET Web API
.NET Core 3.1 GoogleSignIn -The authentication handler registered for scheme 'Bearer' is 'JwtBearerHandler' which cannot be used for SignInAsync
How do I serve static files only to authorized users?
.NET 7 and UseEndPoints()
'Unable to resolve service for type ¨Microsoft.entityFrameworkCore.DbContextOptions¨1[LibraryData.LibraryContext] while attempting to activate
Require authenticated user in asp.net core but require custom policy in some actions require custom policy
Stop request in CookieAuthenticationEvents.OnValidatePrincipal after response body has been written to
IDX10603: The algorithm: 'HS256' requires the SecurityKey.KeySize to be greater than '128' bits. KeySize reported: '32'. Parameter name: key.KeySize
Relation between Authorization middleware and filter Asp.net core
.net 8 blazor navlink style not working for external url
How to use appsettings.json in Asp.net core 6 Program.cs file
Filter Serilog logs to different sinks depending on context source?
How can I securize my code-first gRPC endpoints using Azure Authentication?
How to auto increment the version (eg. “1.0.*”) of a .NET Core project?
.NET 8 Blazor web app - single sign-on with Windows credentials
Roles Authorization not working for Razor Pages site using AddNegotiate
Dapper returning zero GUID
HttpClient - Execute an async method before every call to SendAsync
EF Core disconnected update of collection navigation properties via full replacement
How to set line_shape in Plotly.Blazor?
What's the difference between HttpRequest.Path and HttpRequest.PathBase in ASP.NET Core?
Cannot return null from an action method with a return type of 'Microsoft.AspNetCore.Mvc.IActionResult'
Streaming with ASP.NET core IAsyncEnumerable not working n Azure App service on Windows
ASP Versioning, UrlSegmentApiVersionReader, routes match nonsense version numbers
The default XML namespace of the project must be the MSBuild XML namespace
How to write to HttpContext.Response.Body on .NET Core 3.1.x
Application Insights Logging Exceptions as Trace