Validate openiddict token on node.js server

[osharper]

Hi! Started to explore your library and have, probably, dumb architectural question.

We're using .net core server for authorization and REST API and node.js server for web socket communication (via socket.io).

Currently, PasswordFlow is used and auth part of the code is mostly same as in your sample

We're able to validate token in REST API endpoints on .Net core instance but we also want to use the same token for web sockets.

Is there a way to validate it on node.js server without making a request to .Net core instance?

[kevinchalet]

Hey,

Is there a way to validate it on node.js server without making a request to .Net core instance?

Consider using JWT as the access token format.

[osharper]

Thanks, I will. Just supposed that if jwt kinda sucks and at the same time it's a common practice to separate auth and rest instances - there should be a way to do that :)

[kevinchalet]

@osharper using JWT is fine (and pretty much the only option in your case). What's wrong is using a JS client that relies on the fact that access tokens are necessarily JWT tokens.