Reputation: 9821
How can I set audience with OpenIdConnectMiddleware?
I am using the OpenIdConnectMiddleware in an ASP.NET Core 2.0 app, with Auth0 as authentication.
I have followed this guide to implement authentication via Auth0, and can successfully log in.
Now I want to use the retrieved access token to access a separate API; for this to work I need to include an audience parameter when authorizing with Auth0, as described here.
Since the OpenID Connect middleware handles the authorization with Auth0, and there is no Audience setting on the OpenIdConnectOptions, how can I specify the audience parameter that should be passed to the /authorize endpoint?
Upvotes: 6
Views: 2655
Answers (1)
Reputation: 9821
Found the answer in this blog post from Jerrie Pelser. I need to use the OnRedirectToIdentityProvider event handler to set audience:
options.Events = new OpenIdConnectEvents {
OnRedirectToIdentityProvider = context => {
context.ProtocolMessage.SetParameter("audience", "https://my/api");
return Task.CompletedTask;
},
...
}
Upvotes: 9
Related Questions
- IdentityServer4: audience is empty when calling web api?
- Azure active directory - Allowed token audiences
- OpenID Connect multiple audiences in access token
- How to setup custom Oauth 2 in .Net Core
- ASP.NET Core JWT Authentication Audience Property
- How to make OpenIdConnect multi-tenant?
- Setting up OpenID Connect for .NET Core Web API
- AspNetCore UseOpenIdConnectAuthentication
- IdentityServer4 : Service to service call fails to find Audience
- Separating Auth and Resource Servers with AspNet.Security.OpenIdConnect - the Audience?