I created N-Tiered project and I removed Auth and UI layer because it makes speed project template.
Yes I know check Token in Child Project. So I can't use Policies in Authorize in Child Project. Do I? As well as If I put ChildProject into MainProject solution then Does check token MainProject and can i use policiy (Permissions in Applicaiton.Contract)?
Thanks.
Hi,
I shared module code and main auth log section via email(musa@fintechyazilim.com).
Thanks.
hi, I shared my ChilProject Log that my catched.
2025-12-26 09:19:17.788 +03:00 [INF] Request starting HTTP/1.1 POST https://localhost:48995/api/app/xxxx-xxxxx/aaaa-bbbb-ccccc?marketCode=1 - application/json 12
2025-12-26 09:19:17.795 +03:00 [DBG] The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessRequestContext was successfully processed by OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandlers+ResolveRequestUri.
2025-12-26 09:19:17.795 +03:00 [DBG] The event OpenIddict.Server.OpenIddictServerEvents+ProcessRequestContext was successfully processed by OpenIddict.Server.AspNetCore.OpenIddictServerAspNetCoreHandlers+ResolveRequestUri.
2025-12-26 09:19:17.795 +03:00 [DBG] The event OpenIddict.Server.OpenIddictServerEvents+ProcessRequestContext was successfully processed by OpenIddict.Server.OpenIddictServerHandlers+InferEndpointType.
2025-12-26 09:19:17.795 +03:00 [DBG] The event OpenIddict.Server.OpenIddictServerEvents+ProcessRequestContext was successfully processed by OpenIddict.Server.AspNetCore.OpenIddictServerAspNetCoreHandlers+ValidateTransportSecurityRequirement.
2025-12-26 09:19:17.795 +03:00 [DBG] The event OpenIddict.Server.OpenIddictServerEvents+ProcessRequestContext was successfully processed by OpenIddict.Server.AspNetCore.OpenIddictServerAspNetCoreHandlers+ValidateHostHeader.
2025-12-26 09:19:17.796 +03:00 [DBG] The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessAuthenticationContext was successfully processed by OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandlers+ValidateHostHeader.
2025-12-26 09:19:17.796 +03:00 [DBG] The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessAuthenticationContext was successfully processed by OpenIddict.Validation.OpenIddictValidationHandlers+EvaluateValidatedTokens.
2025-12-26 09:19:17.796 +03:00 [DBG] The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessAuthenticationContext was successfully processed by OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandlers+ExtractAccessTokenFromAuthorizationHeader.
2025-12-26 09:19:17.796 +03:00 [DBG] The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessAuthenticationContext was successfully processed by OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandlers+ExtractAccessTokenFromBodyForm.
2025-12-26 09:19:17.796 +03:00 [DBG] The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessAuthenticationContext was successfully processed by OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandlers+ExtractAccessTokenFromQueryString.
2025-12-26 09:19:17.796 +03:00 [DBG] The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessAuthenticationContext was successfully processed by OpenIddict.Validation.OpenIddictValidationHandlers+ValidateRequiredTokens.
2025-12-26 09:19:17.798 +03:00 [DBG] The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessAuthenticationContext was successfully processed by OpenIddict.Validation.OpenIddictValidationHandlers+ResolveServerConfiguration.
2025-12-26 09:19:17.798 +03:00 [DBG] The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessAuthenticationContext was successfully processed by OpenIddict.Validation.OpenIddictValidationHandlers+ResolveIntrospectionEndpoint.
2025-12-26 09:19:17.799 +03:00 [DBG] The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessAuthenticationContext was successfully processed by OpenIddict.Validation.OpenIddictValidationHandlers+EvaluateIntrospectionRequest.
2025-12-26 09:19:22.740 +03:00 [DBG] The event OpenIddict.Validation.OpenIddictValidationEvents+ValidateTokenContext was successfully processed by OpenIddict.Validation.OpenIddictValidationHandler1[[OpenIddict.Validation.OpenIddictValidationEvents+ValidateTokenContext, OpenIddict.Validation, Version=5.8.0.0, Culture=neutral, PublicKeyToken=35a561290d20de2f]]. 2025-12-26 09:19:22.740 +03:00 [DBG] The event OpenIddict.Validation.OpenIddictValidationEvents+ValidateTokenContext was marked as handled by OpenIddict.Validation.OpenIddictValidationHandler1[[OpenIddict.Validation.OpenIddictValidationEvents+ValidateTokenContext, OpenIddict.Validation, Version=5.8.0.0, Culture=neutral, PublicKeyToken=35a561290d20de2f]].
2025-12-26 09:19:22.740 +03:00 [DBG] The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessAuthenticationContext was successfully processed by OpenIddict.Validation.OpenIddictValidationHandlers+ValidateAccessToken.
2025-12-26 09:19:22.740 +03:00 [DBG] The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessAuthenticationContext was marked as handled by OpenIddict.Validation.OpenIddictValidationHandlers+ValidateAccessToken.
2025-12-26 09:19:22.740 +03:00 [DBG] AuthenticationScheme: OpenIddict.Validation.AspNetCore was not authenticated.
2025-12-26 09:19:22.740 +03:00 [DBG] AuthenticationScheme: OpenIddict.Validation.AspNetCore was not authenticated.
2025-12-26 09:19:22.896 +03:00 [INF] Authorization failed. These requirements were not met:
PermissionRequirement: xxxxxxAPI.Default
2025-12-26 09:19:22.900 +03:00 [DBG] The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessChallengeContext was successfully processed by OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandlers+ResolveHostChallengeProperties.
2025-12-26 09:19:22.903 +03:00 [DBG] The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessChallengeContext was successfully processed by OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandlers+AttachHostChallengeError.
2025-12-26 09:19:22.905 +03:00 [DBG] The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessChallengeContext was successfully processed by OpenIddict.Validation.OpenIddictValidationHandlers+AttachDefaultChallengeError.
2025-12-26 09:19:22.906 +03:00 [DBG] The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessChallengeContext was successfully processed by OpenIddict.Validation.OpenIddictValidationHandlers+AttachCustomChallengeParameters.
2025-12-26 09:19:22.907 +03:00 [DBG] The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessChallengeContext was successfully processed by OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandlers+AttachHttpResponseCode1[[OpenIddict.Validation.OpenIddictValidationEvents+ProcessChallengeContext, OpenIddict.Validation, Version=5.8.0.0, Culture=neutral, PublicKeyToken=35a561290d20de2f]]. 2025-12-26 09:19:22.907 +03:00 [DBG] The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessChallengeContext was successfully processed by OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandlers+AttachCacheControlHeader1[[OpenIddict.Validation.OpenIddictValidationEvents+ProcessChallengeContext, OpenIddict.Validation, Version=5.8.0.0, Culture=neutral, PublicKeyToken=35a561290d20de2f]].
2025-12-26 09:19:22.910 +03:00 [DBG] The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessChallengeContext was successfully processed by OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandlers+AttachWwwAuthenticateHeader`1[[OpenIddict.Validation.OpenIddictValidationEvents+ProcessChallengeContext, OpenIddict.Validation, Version=5.8.0.0, Culture=neutral, PublicKeyToken=35a561290d20de2f]].
2025-12-26 09:19:22.913 +03:00 [INF] The response was successfully returned as a challenge response: {
"error": "insufficient_access",
"error_description": "The user represented by the token is not allowed to perform the requested action.",
"error_uri": "https://documentation.openiddict.com/errors/ID2095"
}.
I use admin user to get token and admin user has all permissions and we check out in DB PermissionGrants table. NOTE:Identitymodel log was empty even I added ShowPII=true.
Above answer isn't enough for me and it doesn't solve my problem. Please redirect a person.
Hi, I have N-Tiered project which have UI, API Host and Auth (MainProject). So I have a another N-Tiered project just has Api Host there isn't UI and Auth(ChildProject). I configured appsettings of ChildProject for Auth into MainProject. I use Authorized attribute with Policy not role or scheme name. I Authorized via swagger or postman and I request an endpoint of ChildProject with got token. But I get 401 error in everytime. I tried show my projects relations like follow image.
I want to authorized via MainProject Auth Server and want to use Policy like [Authorize(xxxWebAPIPermissions.WCFService.Default)] in ChildProject endpoints. Can I do that?
NOTE: I authorized with admin user so it has all permissions include that use in end points of Childproject policy permission.
Hi, we have a problem with datetime timezone conversion. We have set datetimekind as UTC to save datetime values in UTC format.
For demonstration purposes, we set our local time zone for currently logged in user.
Id specified in image send request for list. In retrieved list creationTime is in UTC format. We manually set localtime for creationTime, then it became local time. But output of request was unmodified. Its creation time in UTC format.
As you see userIds are same.
What can we do to solve this problem?
I noticed i wrote app.UseAbpRequestLocalization(); twice. I remove below one. Result is still same. Any other advice?
Hello, We have issue to change API culture. We have created non-ABP external Blazor server UI project. We send request to api endpoints. But we can not specify request or client culture while sending. Culture info in sending on Accept-Language header.
public override void OnApplicationInitialization(ApplicationInitializationContext context)
{
var app = context.GetApplicationBuilder();
var env = context.GetEnvironment();
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
var supportedCultures = new[]
{
new CultureInfo("en-GB"),
new CultureInfo("tr-TR")
};
app.UseAbpRequestLocalization(options =>
{
options.DefaultRequestCulture = new RequestCulture("en-GB");
options.SupportedCultures = supportedCultures;
options.SupportedUICultures = supportedCultures;
options.RequestCultureProviders = new List<IRequestCultureProvider>
{ new AcceptLanguageHeaderRequestCultureProvider(),
new QueryStringRequestCultureProvider(),
new CookieRequestCultureProvider()};
});
app.UseAbpRequestLocalization();
//app.UseStaticFiles();
//app.MapStaticAssets();
app.MapAbpStaticAssets();
app.UseAbpSecurityHeaders();
app.UseRouting();
app.UseCors();
app.UseAuthentication();
app.UseUnitOfWork();
app.UseDynamicClaims();
app.UseAuthorization();
app.UseSwagger();
app.UseAbpSwaggerUI(options =>
{
options.SwaggerEndpoint("/swagger/v1/swagger.json", "Aizanoi API");
var configuration = context.GetConfiguration();
options.OAuthClientId(configuration["AuthServer:SwaggerClientId"]);
});
app.UseAbpSerilogEnrichers();
app.UseConfiguredEndpoints();
}
We have put above code into ApiHostModule.cs.
Our supported languages are "tr-TR" and "en-GB". How can we correctly configure our api to get culture from request Accept-Language header?
Thank you We solved the problem in a different way.
I have seen this. At line 38, it assigns all permission into custom given role. I also want to choose permission from all permission list. Then assign only chosen ones. Is there a practical way to choose permission?
