I got a question, currently the site is working fine, it's multi-tenacy site. if this line of code is not working, why the auth, login, sign up pages are still working? thanks
using var store = new X509Store(StoreName.My, StoreLocation.CurrentUser);
This line of code has a problem.
The Azure hosting environment does not allow your application to access the CurrentUser certificate store by default.
after generating the file and updating the code, should I update any other place? since it's the important certificate file, I am wondering if I have to do more and let the whole system to use it?
do you mean putting openiddict.pfx in the root folder and use it like this? serverBuilder.AddProductionEncryptionAndSigningCertificate( "openiddict.pfx", "your-password", X509KeyStorageFlags.MachineKeySet | X509KeyStorageFlags.EphemeralKeySet);
thx
I manually created the new application here, should I update db migrator, add the application in and run it?
maybe it has sth to do with the way I created this new application, do you have an instruction for this?
when should we use public client vs confidential client, I am using a react app to connect, should I use public client?
what's hybird flow, password flow, etc..
what's extension grant types
I have just sent you via email thx
just sent, thanks
thanks, will do. by the way, how can I see the source code for this endpoint: connect/token?
2025-10-10 04:13:58.315 +00:00 [Information] Authorization failed. "These requirements were not met: DenyAnonymousAuthorizationRequirement: Requires an authenticated user."
I am creating a react app and use the SSO, it worked locally, however, the production env gives me this error
{ "error": "invalid_grant", "error_description": "The specified token is invalid.", "error_uri": "https://documentation.openiddict.com/errors/ID2004" }
from Request URL Request Method POST
any suggestions
The email should be unique among all tenants. Selecting a tenant is not a good choice.
-- how to update so that the email will be unique?
