Ravindra

Reputation: 105

In ASP.NET Core, why does AddOpenIdConnect not have AuthorizationEndpoint as an option, like AddOAuth has?

OIDC requires an authorization endpoint. Nevertheless, AddOpenIdConnect does not have an AuthorizationEndpoint option, which AddOAuth has.

Upvotes: 1

Views: 1863

Answers (1)

juunas

Reputation: 58898

The OpenID Connect handler usually uses a special "discovery" endpoint to find the authorization endpoint (among other things). It takes your Authority and appends "/.well-known/openid-configuration" to it to get the metadata.

From there it gets the authorization_endpoint from the JSON.

For example, setting the authority to https://login.microsoftonline.com/common/v2.0 (Azure AD) will fetch the metadata from https://login.microsoftonline.com/common/v2.0/.well-known/openid-configuration.

{
  "authorization_endpoint":"https://login.microsoftonline.com/common/oauth2/v2.0/authorize"
}

Note this is what the handler does by default with minimal configuration. You can set MetadataAddress instead of Authority to set the discovery endpoint URL manually. If you do not wish to use the discovery endpoint at all, you can provide the Configuration property manually:

o.Configuration = new Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectConfiguration
{
    // Other properties omitted
    AuthorizationEndpoint = ""
};

Upvotes: 4
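
The three ways described in the answer above to give the handler its authorization endpoint, shown in one minimal Program.cs. This is an added example, not code from the answer's author. It assumes a .NET 6+ web project with implicit usings and the Microsoft.AspNetCore.Authentication.OpenIdConnect package; the idp.example.com URLs, the client id, the Oidc:ClientSecret key and idp-jwks.json are placeholders.

```csharp
using System.IO;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.IdentityModel.Protocols.OpenIdConnect;
using Microsoft.IdentityModel.Tokens;

var builder = WebApplication.CreateBuilder(args);
builder.Services.AddAuthorization();
builder.Services
    .AddAuthentication(o =>
    {
        o.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
        o.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
    })
    .AddCookie()
    .AddOpenIdConnect(o =>
    {
        o.ClientId = "example-client-id";                            // placeholder
        o.ClientSecret = builder.Configuration["Oidc:ClientSecret"]; // assumed config key
        o.ResponseType = OpenIdConnectResponseType.Code;

        // Option 1 (default): discovery from Authority. The handler requests
        // {Authority}/.well-known/openid-configuration and reads
        // authorization_endpoint, token_endpoint, issuer and jwks_uri from it.
        // o.Authority = "https://idp.example.com/tenant";

        // Option 2: discovery document at a non-standard URL.
        // o.MetadataAddress = "https://idp.example.com/custom/openid-configuration";

        // Option 3: static configuration, no discovery request. The ID token is
        // still validated against Issuer and SigningKeys, so supply both.
        var config = new OpenIdConnectConfiguration
        {
            Issuer = "https://idp.example.com/tenant",
            AuthorizationEndpoint = "https://idp.example.com/tenant/authorize",
            TokenEndpoint = "https://idp.example.com/tenant/token",
        };
        // JWKS saved from the provider out of band (constructed file name).
        var jwks = new JsonWebKeySet(File.ReadAllText("idp-jwks.json"));
        foreach (var key in jwks.GetSigningKeys())
            config.SigningKeys.Add(key);
        o.Configuration = config;
    });

var app = builder.Build();
app.UseAuthentication();
app.UseAuthorization();
app.MapGet("/", () => "signed in").RequireAuthorization();
app.Run();
```

With a static Configuration the handler never refreshes metadata, so a signing-key rotation at the provider breaks sign-in until the pinned JWKS is updated.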
