Multiple Names for issuer(authority) for Identity Token

[yehonathan]

Hi So I have identityserber running on a computer(server) in a local network. So i can access the through the browser by either or . The problem is if i get the token with either, the issuer of the token become either the ip address or the computer name respectively. I realise that when using this setup to authenticate an API , the issuer is checked against the Authority I set in my Startup.cs for the .net core api application. According to the code in the documentation....

 app.UseIdentityServerAuthentication(new IdentityServerAuthenticationOptions
    {
        Authority = "????",//How do i use multiple authorities
        RequireHttpsMetadata = false,
        ApiName = "api1"
    });

How do i make sure the authority matches multiple names that refer to the same identity server

[leastprivilege]

Either always use the same DNS name to access IS. Or set a static issuer name in the IS options.

[alexdrl]

I have a similar issue, but with a different scenario.

I have 1 IS in Kestrel which issues JWT tokens using the OpenID and the user-password scheme.
Another IS In IIS which issues JWT tokens using custom code which reads integrated windows authentication.

The problem is that if I add the two middlewares, one after the other, the authentication fails.

Any idea?

[yahya99223]

Hi I have the same issue alexdrl has, any work around or solution available? can not we validate a token using authority=issuer of token?

[lock]

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.