You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Have enabled OpenID server on the default tenant, and enabled all the options. I have client credentials flow setup to enable login with the default tenant credentials. However if I was to go to the default tenant userinfo endpoint https://localhost:44300/connect/userinfo , the UserInfoController fails to authenticate and retrieve the user principal and returns 401.
var result = await HttpContext.AuthenticateAsync(OpenIdConstants.Schemes.Userinfo);
if (result?.Principal == null)
{
return Challenge(OpenIdConstants.Schemes.Userinfo);
}
I am expecting to see claims from the logged in admin user.
The text was updated successfully, but these errors were encountered:
The userinfo endpoint can only be used with access tokens representing users (hence the name). When you use the client credentials flow, the access token doesn't represent any user (not even the tenant's administrator): it represents the client application, that acts on its own behalf.
It's very likely that the 401 is returned by the next call:
As part of #1786, I introduced a new claim type that allows determining whether the access token represents a user or an application. When the access token doesn't represent a user, an error will be returned indicating why the userinfo endpoint cannot be used. It should make this requirement clearer.
Have enabled OpenID server on the default tenant, and enabled all the options. I have client credentials flow setup to enable login with the default tenant credentials. However if I was to go to the default tenant userinfo endpoint https://localhost:44300/connect/userinfo , the UserInfoController fails to authenticate and retrieve the user principal and returns 401.
I am expecting to see claims from the logged in admin user.
The text was updated successfully, but these errors were encountered: