Blazor WASM Security Odata get token

korchev · February 16, 2022, 7:39am

It says that for the example purpose they will use the in memory store:

For this document we will use the in-memory version of the client store. You can wire up the in-memory store in ConfigureServices via the AddInMemoryClients extensions method.

I am not sure if this is mandatory for using external clients or not and searching online didn't yield any definitive answer.

I found however this in the Microsoft documentation: Use Identity to secure a Web API backend for SPAs | Microsoft Learn

It shows that there are predefined IdentityServer profiles (whatever that means). Not sure if this helps in any way though.

Lastly a lot of .NET services support the services.Configure method for further configuration. E.g. in the OnConfigureServices partial method you can try:

services.Configure<ApiAuthorizationOptions>(options => options.Clients.Add(...))

MarkusW · February 16, 2022, 9:58am

Adding the client to the appsettings does not work for me.

But I added following code to the startup.costum.cs and it is working. Now I have a solution without adding startup.cs to the ignore list. Thanks for the help

services.Configure<ApiAuthorizationOptions>(options =>
                options.Clients.Add(new IdentityServer4.Models.Client()
                {
                    ClientId = "client",
                    AllowedGrantTypes = GrantTypes.ResourceOwnerPassword,
                    AccessTokenType = AccessTokenType.Jwt,
                    ClientSecrets =
                    {
                        new Secret("secret".Sha256())
                    },
                    // scopes that client has access to
                    AllowedScopes = { "TestwbaSecurity.ServerAPI openid profile" }
                }));