No endpoint entry found when load balancing IdentityServer4

Question

I am attempting to setup a local nginx load balanced IDS (using a hybrid model, and HTTPS), using docker containers.

I can successfully login if I scale the IDS to 1.

When I scale to 2 or more, using round robin style balancing, I am redirected to the login page when I attemp to login.

The initial login attempt hits IDS1, then the second request portion of the login hits IDS2, which returns the following error: No endpoint entry found for request path: /Account/Login [IdentityServer4.Hosting.EndpointRouter]

I have verified both IDS's are up and running, and if i hit the discovery document, I can see nginx round robining it and i get a successful result each time.

EDIT: I no longer get the error, but when I attempt to login the second request portion of the login going to IDS2 still acts as though I'm not mid-login process and takes me to the login page.

Answer 1

You need to configure The Data Protection API and set the same key in both services, because otherwise ASP.NET won't accept cookies from the other service. The key is used to secure and encrypt the cookie.

To lean about about the data protection API I recently wrote this reference project

• AzureKeyVaultKeyRingRepository The purpose is to demonstrate and show how to store the ASP.NET Core Data Protection API key-ring in Azure Key Vault. (Blogpost coming soon)

Read more about the data protection API here