Starts in:
0 DAY
0 HR
14 MIN
47 SEC
Starts in:
0 D
0 H
14 M
47 S
Open Closed

Getting tokens from identityserver using httpclient #1918


User avatar
0
gvnuysal created

Hi support,

https://identitymodel.readthedocs.io/en/latest/client/token.html#requesting-a-token-using-the-password-grant-type

I'm trying to get tokens on the identity server using the doc here. If I send a user with a null tenantid, I can receive a token, I can't get tokens with a user that is full of Tenantid

using IdentityModel.Client;
using Newtonsoft.Json.Linq;
using System;
using System.Collections.Generic;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Threading.Tasks;

namespace view_connection
{
    class Program
    {
        static void Main(string[] args)
        {
            MainAsync().Wait();

        }
        static async Task MainAsync()
        {

         
            var client = new HttpClient();
             
            
            var apiClient = new HttpClient();
            var disco = await client.GetDiscoveryDocumentAsync("https://localhost:44377");
           
            var tokenResponse = await client.RequestPasswordTokenAsync(new PasswordTokenRequest
            {
                Address = disco.TokenEndpoint,
                ClientId = "Abp",
                ClientSecret = "E5Xd4yMqjP5kjWFKrYgySBju6JVfCzMyFp7n2QmMrME=", 
                Scope="Abp",
                UserName="gvnuysal",
                Password="Password-123"          
                
            });


            Console.WriteLine(tokenResponse.Json);

             
        }

    }
}

How can I get tokens from IdentityServer on Abp project using HttpClient. Thanks.


1 Answer(s)
  • User Avatar
    0
    gterdem created
    Senior .NET Developer

    Because IdentityServer Module is not multi-tenant. That means you can't have tenant based data in identityserver module. So that your requests shouldn't contain tenantId.

    Server to server https/grpc calls should not involve user and be done with client credential flow.

    That being said, in which case are you using resource owner password flow for http request?

Made with ❤️ on ABP v9.1.0-preview. Updated on November 20, 2024, 13:06