9,052 questions
0
votes
1
answer
70
views
401 Unauthorized despite sending login token in Headers
I am trying to do a POST to an API endpoint api/auth/assign-role with this data :
{
"userId": "3d2243fc-8d32-4889-a7e2-624af56a3f91",
"role": "Doctor"
}
...
- 1,297
Advice
0
votes
0
replies
38
views
How to implement session timeout in .NET Framework 4.7.2 application
We have several applications built in .NET Framework 4.7.2 that uses .NET Identity for authorisation and authentication. I am trying to implement a session timeout, in line with OWASP recommendations.
...
- 423
0
votes
1
answer
66
views
Protected Remote MCP Server - VS Code
I'm trying to connect vs code to a local MCP server that is using HTTPTransport and is secured by OAuth. It was working fine up to the point I started validating the scope.
builder.Services....
- 362
0
votes
1
answer
110
views
Owin security could not handle callback "signin-oidc", Error 404 on ASP.NET MVC
I have a simple ASP.NET MVC app with .NET 4.8.
I want to use keycloak as security management and my app connect to it via openid connect protocol.
To do this, I've created a startup.cs class in my ...
- 95
0
votes
0
answers
105
views
How to modify ASP.NET Core Identity cookie name after initialization?
I have an ASP.NET Core application that does multi-tenanting based on the path. For example to log into tenant1 you would go do https://domain.name/tenant1 and to log in as tenant2 you would go do ...
- 708
1
vote
1
answer
60
views
No buttons (or other interactive elements) work when I use a data-bound object
I’m trying to display user identities and fetch a list of users, but buttons stop functioning if I use ApplicationUser (inherited from IdentityUser) retrieved via UserManager.
@attribute [Authorize]
@...
- 13
0
votes
1
answer
261
views
Blazor Server (Interactive Render Mode) Custom Login Page with IdentityCore and Cookie Authentication
I'm building a Blazor application using the interactive server rendermode and I want to implement a custom login page using ASP.NET Core Identity. For authentication, I'm configuring IdentityCore like ...
- 9
0
votes
0
answers
50
views
Using JWT for Identity Auth in MongoDB
I am running into an issue with trying to use .NET Identity with a MongoDB backend. The problem is related to authorization. I want the API to use JWT but it would seem the package I am using defaults ...
- 337
0
votes
0
answers
77
views
How to reuse and extend the existing Refresh Token when using refresh_token grant in OpenIddict without issuing a new one?
I'm using OpenIddict 6.3.0 with ASP.NET Core 8, and I want to customize the behavior when using the refresh_token grant.
✅ Goal:
When a refresh_token is used:
I want to reuse the existing refresh ...
- 588
0
votes
0
answers
79
views
ASPNET IDENTITY Automatically terminates user sessions
I developed a website using .NET 6.0 and ASPNET Identity. I dont have any cookie or session related operations in my controllers. Also, everything perfectly works in my development enviroment (I mean, ...
0
votes
0
answers
41
views
Does ASP.NET Identity have a method that allows for batch creation of users using UserManager?
I am implementing a method that receives data from an API. At the moment, the API is adding the data to the database by using a loop. This however is looking more and more unreliable as the data keeps ...
1
vote
0
answers
199
views
Problems integrating MudBlazor with existing Blazor login page
I've been trying to enhance my Blazor Identity login page with MudBlazor components. I've encountered multiple errors that prevent it from working:
SSL Certificate Error - When I first added ...
- 41
0
votes
1
answer
80
views
EntityFrameworkCore.Identity: Can it be added to an existing project or should I start from scratch?
I'm working on my final year project(fyp) and intended to add an account system using EF Core Identity. When I started my project I found it difficult to get to grasps with the best way to use ...
0
votes
0
answers
82
views
OpenIdDict using PKCS#11 / HSM interface?
I am working on a project that uses OpenIdDict für user authentication, thus, generating and validating JWTs (Java web tokens, HTTP header "Bearer").
Currently, the prototype relies on a ...
- 2,728
0
votes
0
answers
86
views
How to extend Client entity in Duende Identity Server v 7
I'm using Duende Identity Server v 7.0.7 and I need to add custom property to Client model. So basically add column to "Clients" table to store client specific value.
I know it is possible ...
0
votes
0
answers
56
views
System.MissingMethodException with AspNetCore.Identity.MongoDbCore and MongoDB.Bson.BsonDefaults
I'm attempting to integrate AspNetCore.Identity.MongoDbCore into my application. However, upon running the application, I encounter the following error:
System.MissingMethodException: 'Method not ...
- 208
1
vote
0
answers
48
views
ASP.NET Identity reset password issue "username already taken"
I'm trying to reset user's passwords and I keep getting "username already taken" as an error. I don't quite understand... I'm not trying to create a new user, I'm trying to reset an existing ...
- 1,840
0
votes
1
answer
48
views
Identity Model Customization .NET Core 8
I am trying to access the UserRoles property from my ApplicationUser entity and I keep getting an error message stating Invalid column name 'UserId1'. I am following this Microsoft article (https://...
- 2,013
-1
votes
1
answer
63
views
Unable to create a 'DbContext' of type 'IdentityContext'. The exception
I wanted to create a many to many connection between the identity user and another table
but when i modified my identity context and wanted to create a migration i got the following error
Unable to ...
- 1
0
votes
0
answers
97
views
How can I specify WithAppOnly() globally for a GraphServiceClient, so I don't have to specify it for every single Microsoft Graph request?
How can I specify WithAppOnly() globally for a GraphServiceClient, so I don't have to specify it for every single Microsoft Graph request?
Consider the following code:
var c = app.Services....
- 14.6k
0
votes
0
answers
30
views
Validate Google Auth Token against Microsoft Identity External Authentication
I have an ASP.NET MVC web application using Microsoft Identity authentication with Google Authentication features, all works great from the website.
The web site also exposes APIs for clients apps (a ...
0
votes
0
answers
72
views
Can I use an interface with a foreign key in EF 6 and set it as a foreign key
I'm using EF 6 with .NET 4.8.
All data entities classes are defined in a Model project so it can be used by client apps. Only User (ApplicationUser) model is defined in the Application project (I'm ...
- 1
0
votes
2
answers
79
views
The foreign key property 'UserRole.UserId1' was created in shadow state
EF creates UserId1 and RoleId1 in UserRoles table when I try to add migration.
there are messages:
The foreign key property 'UserRole.RoleId1' was created in shadow state because a conflicting ...
- 5
0
votes
2
answers
135
views
Google login in ASP.NET Core - user still unauthorized with Google bearer token
I have integrated Google login with my ASP.NET app.
So in callback call from google auth I get code that I use to get user token:
// Must match Google settings
var redirectUri = "https://...
- 41.2k
1
vote
1
answer
425
views
Trying to seed data using Identity.AspNetCore with .UseSeeding and .UseAsyncSeeding?
So I've ran into an issue that I am not sure how to handle.
You see I am trying to deal with an Initial seeding of Admin data for my App.
But the thing is.. Since I am using Identity to handle both ...
- 363
0
votes
0
answers
105
views
Issues with ASPNET Identity Google behind NGINX based reverse proxy
I'm in the process of adding Google Authentication to .NET 8 web app behind NGINX reverse proxy.
App itself is simple CRUD web app. I do have Let's Encrypt certificate for https, it is terminating on ...
0
votes
0
answers
76
views
System.InvalidOperationException in AspNetCore.Authorization
We receive the mentioned exception on our productive environment (azure web app) and have not found a way to reproduce this exception. Those exceptions occur during the usage peak of our application ...
- 1
0
votes
3
answers
156
views
How can a user's selected authentication method be retrieved?
I want to retrieve the authentication method of a logged-in user, e.g. something like "by username/password", or for oauth cases "via facebook" or "via google".
After ...
- 811
0
votes
0
answers
42
views
Register Multiple Connection strings & client ids in .NET 6 Identity Server
I have a default connection string which has the default connection for the identity server so I register this identity server successfully, but I have tenants stored in a database table and I have a ...
0
votes
1
answer
88
views
Method userManager.FindByEmailAsync() returns object with empty UserName and Email
I had to extend IdentityUser model (and AspNetUser table of course) with some extra field (RegistrationDate) so I created ExtendIdentityUser model class. It works nice.
Then, I needed to change some ...
- 5,786
0
votes
0
answers
21
views
Identity Configuration Not Working in Docker: Issue with Login
Currently, I'm working on a Blazor Server app using Microsoft Identity. However, I have a problem with the user login feature. I can create and confirm a user without any issues, the state in the ...
- 1
-13
votes
1
answer
308
views
Get email, phone, etc from OAuth2 login [closed]
I am working on adding the ability to authenticate in my app using Google OAuth2. My app is a Blazor Interactive Server using the Identity Library (not Blazor Identity). I don't have this working yet. ...
- 33.7k
0
votes
1
answer
85
views
How to configure a Razor Pages project to use Identity endpoints in a WebApi project using cookie authentication
I have a WebApi project that has endpoints for all the business logic, including an implementation of the Identity endpoints for login/register/etc.
The cookie authentication works fine on the WebApi ...
- 1
0
votes
0
answers
92
views
OpenId Connection Problems - OpenIdConnectAuthenticationHandler: message.State is null or empty
I'm building my first app with Blazor, and it's actually my first project authenticating with RapidIdentity as well. I have my URIs and ClientId / Secrets already setup as well.
Anyway, I'm having ...
- 53
0
votes
2
answers
196
views
Auto Login in NET 8 Blazor project with .NET Identity authentication
I am working on a .NET 8 Blazor project with .NET Identity authentication. My goal is to automatically log in the user and redirect them within the OnInitializedAsync method based on an OTP provided ...
- 477
1
vote
0
answers
40
views
ASP.NET Identity: Custom RefreshTokens vs Built-in AspNetUserToken
I'm currently implementing token-based auth with refresh tokens in my .NET app. Right now I have a custom RefreshTokens collection in my ApplicationUser:
public class ApplicationUser : IdentityUser
{
...
- 1,646
0
votes
0
answers
134
views
How to set Content Security policy of Identity Server Connect/Authorize function internal call?
I am facing a issue when Identity server redirect from https:/sso.com/connect/authorize?.. to https://anotherhost.com/sigin-oidc it is showing CSP error as stated that
refused to send form data to ...
- 1,335
1
vote
1
answer
454
views
How to make ASP.NET Core JWT Bearer Authentication check the Authorization header first before checking the Cookies?
To give you some context:
I am trying to implement a Refresh/Access Token Authentication security to a simple Web API using ASPNET Core. Its going well so far.. It does work! Just not as expected.
To ...
- 363
1
vote
1
answer
192
views
.NET MAUI Browser Delegated Authentication redirect URL invalid
Followed the instructions here for browser-delegated authentication, steps completed under .NET MAUI including "Prepare tenant", "Create .NET MAUI app", and "Sign in and sign ...
- 6,180
0
votes
1
answer
101
views
Azure AD App Registration unable to change "Who can consent"
I'm creating a MSAL web API using instructions here. When following the instructions for "Expose the API", I am not able to adhere to step b. (For Who Can consent, ensure the Admins and ...
- 6,180
0
votes
0
answers
469
views
Integrating Elsa 3.0 Server into our ASP .NET core web server with it's own existing Auth
We're looking at implementing Elsa 3.0 into our asp.net core web server that currently uses wasm as the client. It's all currently setup with if it's own identity combined with OpenID etc. Im just ...
- 2,913
0
votes
0
answers
50
views
ASP.NET : how to get an external application to write an authentication cookie?
I have an ASP.NET application that I'm transitioning from the old Membership system to Identity framework (with a view to eventually port the whole thing to .NET Core, but that's a long way off).
I ...
- 45.3k
0
votes
0
answers
50
views
How to create persistent Cookie from HttpContext's Cookie.Append method?
var token = await _jwtTokenService.GenerateToken(user);
HttpContext.Response.Cookies.Append("accessToken", token, new CookieOptions
{
HttpOnly = true,
Expires = DateTime.UtcNow....
0
votes
1
answer
164
views
Using ASP.Net Core Identity in parallel with OpenIdConnect OAuth2
I'm working on asp.net MVC project based on .NET 8.0. My site is using ASP.Net Core Identity for user authentication. It's working fine.
I have to connect to remote server which is using OAuth2 ...
- 3
-4
votes
1
answer
85
views
Could not load file or assembly Microsoft.Owin Version=3.0.1.0
execution of my web applications fails with following runtime error:
Could not load file or assembly 'Microsoft.Owin, Version=3.0.1.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one of its ...
0
votes
1
answer
240
views
ASP.NET Core 8.0 Razor Pages and Progressive Web-App (Add to home screen on mobile) does not work properly (with ASP.NET Identity; Antiforgery)
I have an ASP.NET Core Razor Pages Webpage which can be browsed to on smartphones (Android and IPhones).
I use ASP.NET Core Identity to secure access to the site.
My users want to add icons to the ...
- 11
0
votes
0
answers
33
views
After adding custom password validator lockoutOnFailure stopped working in ASP.NET Identity
I have several settings related to password complexity, and their values can change dynamically from another server. To handle this, I implemented a custom password validator that reads the settings ...
- 544
0
votes
1
answer
88
views
Using ASP.Net Core Identity for Razor page web app and MAUI app
I've got a razor pages/mvc web app that uses ASP.Net Core Identity for authentication and authorization. I'm starting to develop a mobile app version of the site using MAUI and wanting to access many ...
- 1
2
votes
1
answer
281
views
How do I get my ASP.NET Core minimal API to return a 401 if the user is not authenticated instead of redirecting to the log-in page
I have an ASP.NET Core Blazor web app, which uses Identity for authentication. The server project's Program.cs contains the following (rather trivial) endpoint...
app.MapGet("/testapi-time", ...
- 9,702
0
votes
1
answer
48
views
How to remove the User Name Field from the identity user in asp.net core 8
I want to remove the UserName field from the IdentityUser
I don't want to use it
- 21