Reputation: 421
Use IdentityServer4 to generate token for client
I've multiple clients which they have an API, my micro service send them a post request with a JWT token. I was thinking of using IdentityServer4 to generate my JWT token (RSA256) and have one configuration per client. Each client, can validate the token thanks to JWKS_URI.
It is a good approach to do this ?
EDIT Update Diagram : I separed layers, separating the sender from the receivers.
EDIT Update Diagram : I update my diagram who would be more explicit :
Thanks for yours comments
Upvotes: 0
Views: 389
Answers (1)
Reputation: 19981
In IdentityServer terms the MicroService is a client and client1/2 is an ApiResource (tied to an ApiScope).
If there is no user involved and the Microservice should on its own be able to send requests to the API, then you should use the client_credentials flow. With with flow, there is no ID-token.
If there is a user who is logs in at your microservice, then you should use the authorization code flow.
Otherwise than that I think its a good plan, you should think about the naming of things. I would call the Microservice a WebClient or WebApplication if there are users who logs in through it.
Upvotes: 2
Related Questions
- Handling authorization with IdentityServer4
- Identity Server 4 custom token endpoint, get signingcredential at runtime
- How to create RsaSecurityKey.KeyId with IdentityServer4
- ASP.NET Core 3+ JWT authentication
- JWT Bearer Token not working with ASP.Net Core 3.1 + Identity Server 4
- Authorize via JWT Token
- .Net Core Custom Authentication using API Keys with Identity Server 4
- Identity Server 4 reference token and security
- Issuing a Bearer JWT Token using Identity Core
- JWT bearer tokens w/ ASP.NET Identity 3