I created N-Tiered project and I removed Auth and UI layer because it makes speed project template.
Yes I know check Token in Child Project. So I can't use Policies in Authorize in Child Project. Do I? As well as If I put ChildProject into MainProject solution then Does check token MainProject and can i use policiy (Permissions in Applicaiton.Contract)?
Thanks.
Hi,
I shared module code and main auth log section via email(musa@fintechyazilim.com).
Thanks.
hi, I shared my ChilProject Log that my catched.
2025-12-26 09:19:17.788 +03:00 [INF] Request starting HTTP/1.1 POST https://localhost:48995/api/app/xxxx-xxxxx/aaaa-bbbb-ccccc?marketCode=1 - application/json 12
2025-12-26 09:19:17.795 +03:00 [DBG] The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessRequestContext was successfully processed by OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandlers+ResolveRequestUri.
2025-12-26 09:19:17.795 +03:00 [DBG] The event OpenIddict.Server.OpenIddictServerEvents+ProcessRequestContext was successfully processed by OpenIddict.Server.AspNetCore.OpenIddictServerAspNetCoreHandlers+ResolveRequestUri.
2025-12-26 09:19:17.795 +03:00 [DBG] The event OpenIddict.Server.OpenIddictServerEvents+ProcessRequestContext was successfully processed by OpenIddict.Server.OpenIddictServerHandlers+InferEndpointType.
2025-12-26 09:19:17.795 +03:00 [DBG] The event OpenIddict.Server.OpenIddictServerEvents+ProcessRequestContext was successfully processed by OpenIddict.Server.AspNetCore.OpenIddictServerAspNetCoreHandlers+ValidateTransportSecurityRequirement.
2025-12-26 09:19:17.795 +03:00 [DBG] The event OpenIddict.Server.OpenIddictServerEvents+ProcessRequestContext was successfully processed by OpenIddict.Server.AspNetCore.OpenIddictServerAspNetCoreHandlers+ValidateHostHeader.
2025-12-26 09:19:17.796 +03:00 [DBG] The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessAuthenticationContext was successfully processed by OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandlers+ValidateHostHeader.
2025-12-26 09:19:17.796 +03:00 [DBG] The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessAuthenticationContext was successfully processed by OpenIddict.Validation.OpenIddictValidationHandlers+EvaluateValidatedTokens.
2025-12-26 09:19:17.796 +03:00 [DBG] The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessAuthenticationContext was successfully processed by OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandlers+ExtractAccessTokenFromAuthorizationHeader.
2025-12-26 09:19:17.796 +03:00 [DBG] The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessAuthenticationContext was successfully processed by OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandlers+ExtractAccessTokenFromBodyForm.
2025-12-26 09:19:17.796 +03:00 [DBG] The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessAuthenticationContext was successfully processed by OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandlers+ExtractAccessTokenFromQueryString.
2025-12-26 09:19:17.796 +03:00 [DBG] The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessAuthenticationContext was successfully processed by OpenIddict.Validation.OpenIddictValidationHandlers+ValidateRequiredTokens.
2025-12-26 09:19:17.798 +03:00 [DBG] The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessAuthenticationContext was successfully processed by OpenIddict.Validation.OpenIddictValidationHandlers+ResolveServerConfiguration.
2025-12-26 09:19:17.798 +03:00 [DBG] The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessAuthenticationContext was successfully processed by OpenIddict.Validation.OpenIddictValidationHandlers+ResolveIntrospectionEndpoint.
2025-12-26 09:19:17.799 +03:00 [DBG] The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessAuthenticationContext was successfully processed by OpenIddict.Validation.OpenIddictValidationHandlers+EvaluateIntrospectionRequest.
2025-12-26 09:19:22.740 +03:00 [DBG] The event OpenIddict.Validation.OpenIddictValidationEvents+ValidateTokenContext was successfully processed by OpenIddict.Validation.OpenIddictValidationHandler1[[OpenIddict.Validation.OpenIddictValidationEvents+ValidateTokenContext, OpenIddict.Validation, Version=5.8.0.0, Culture=neutral, PublicKeyToken=35a561290d20de2f]]. 2025-12-26 09:19:22.740 +03:00 [DBG] The event OpenIddict.Validation.OpenIddictValidationEvents+ValidateTokenContext was marked as handled by OpenIddict.Validation.OpenIddictValidationHandler1[[OpenIddict.Validation.OpenIddictValidationEvents+ValidateTokenContext, OpenIddict.Validation, Version=5.8.0.0, Culture=neutral, PublicKeyToken=35a561290d20de2f]].
2025-12-26 09:19:22.740 +03:00 [DBG] The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessAuthenticationContext was successfully processed by OpenIddict.Validation.OpenIddictValidationHandlers+ValidateAccessToken.
2025-12-26 09:19:22.740 +03:00 [DBG] The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessAuthenticationContext was marked as handled by OpenIddict.Validation.OpenIddictValidationHandlers+ValidateAccessToken.
2025-12-26 09:19:22.740 +03:00 [DBG] AuthenticationScheme: OpenIddict.Validation.AspNetCore was not authenticated.
2025-12-26 09:19:22.740 +03:00 [DBG] AuthenticationScheme: OpenIddict.Validation.AspNetCore was not authenticated.
2025-12-26 09:19:22.896 +03:00 [INF] Authorization failed. These requirements were not met:
PermissionRequirement: xxxxxxAPI.Default
2025-12-26 09:19:22.900 +03:00 [DBG] The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessChallengeContext was successfully processed by OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandlers+ResolveHostChallengeProperties.
2025-12-26 09:19:22.903 +03:00 [DBG] The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessChallengeContext was successfully processed by OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandlers+AttachHostChallengeError.
2025-12-26 09:19:22.905 +03:00 [DBG] The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessChallengeContext was successfully processed by OpenIddict.Validation.OpenIddictValidationHandlers+AttachDefaultChallengeError.
2025-12-26 09:19:22.906 +03:00 [DBG] The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessChallengeContext was successfully processed by OpenIddict.Validation.OpenIddictValidationHandlers+AttachCustomChallengeParameters.
2025-12-26 09:19:22.907 +03:00 [DBG] The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessChallengeContext was successfully processed by OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandlers+AttachHttpResponseCode1[[OpenIddict.Validation.OpenIddictValidationEvents+ProcessChallengeContext, OpenIddict.Validation, Version=5.8.0.0, Culture=neutral, PublicKeyToken=35a561290d20de2f]]. 2025-12-26 09:19:22.907 +03:00 [DBG] The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessChallengeContext was successfully processed by OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandlers+AttachCacheControlHeader1[[OpenIddict.Validation.OpenIddictValidationEvents+ProcessChallengeContext, OpenIddict.Validation, Version=5.8.0.0, Culture=neutral, PublicKeyToken=35a561290d20de2f]].
2025-12-26 09:19:22.910 +03:00 [DBG] The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessChallengeContext was successfully processed by OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandlers+AttachWwwAuthenticateHeader`1[[OpenIddict.Validation.OpenIddictValidationEvents+ProcessChallengeContext, OpenIddict.Validation, Version=5.8.0.0, Culture=neutral, PublicKeyToken=35a561290d20de2f]].
2025-12-26 09:19:22.913 +03:00 [INF] The response was successfully returned as a challenge response: {
"error": "insufficient_access",
"error_description": "The user represented by the token is not allowed to perform the requested action.",
"error_uri": "https://documentation.openiddict.com/errors/ID2095"
}.
I use admin user to get token and admin user has all permissions and we check out in DB PermissionGrants table. NOTE:Identitymodel log was empty even I added ShowPII=true.
Above answer isn't enough for me and it doesn't solve my problem. Please redirect a person.
I noticed i wrote app.UseAbpRequestLocalization(); twice. I remove below one. Result is still same. Any other advice?
Thank you We solved the problem in a different way.
I have seen this. At line 38, it assigns all permission into custom given role. I also want to choose permission from all permission list. Then assign only chosen ones. Is there a practical way to choose permission?
When mapping to CityWithNavigationPropertiesDto, it worked. Also using AsNoTracking prevented changing. Thanks for reply.
hi
We tried your method but it did not work. We also tried AsnoTracking method. It worked.
As you see previous code block, we make just get process. So even if ef core tracks the entities, it should not change database value. Why database updates occur?
To prevent data corruption should we always use AsNoTracking method while getting list? is there any performance effect using AsNoTracking on project.
When we manually delete cookies for this question;
What can be done about this?
