Send extra parameters on reference token validation

[jrcpereira]

Hi!

Is there any way to pass extra parameters to Ids on token validation?

I would like to retain IP address and a timestamp for each token validated on Ids.
Since validation occurs server side, it would be great if we could pass additional parameters to the Ids endpoint.

Thanks!

[leastprivilege]

You can inject your own HTTP message handler which could add data for outgoing calls..

[jrcpereira]

Thanks for the hint!

Just to be sure I got it right... The best solution is to inject my message handler and create the HttpClient for introspection before the call to add IdentityServerAuthentication, right?

services.AddScoped<CustomHttpMessageHandler>(); services.AddHttpClient(OAuth2IntrospectionDefaults.BackChannelHttpClientName) .ConfigurePrimaryHttpMessageHandler<CustomHttpMessageHandler>();

[leastprivilege]

It does not need to be the primary one - that's usually reserved for network config related things...

[jrcpereira]

Despite I named it CustomHttpMessageHandler, I derived it from the HttpClientHandler.
But I will just add it as another handler to the HttpClient, just in case.

Thanks, once again!