i'm using a specific OIDC provider for my security in .Net Core 2.0 MVC Project, however I am having trouble with the Discovery Document.
I have been given 3 url's from the provider (where the domain is fiction):
https://www.oidcprovider.com/connectapi/authorize
in my configuration, i have entered the following values:
.AddOpenIdConnect(options => {
options.Authority = "https://www.oidcprovider.com/connectapi/authorize/";
options.ClientId = "xxx";
options.ClientSecret = "xxx";
options.ResponseType = OpenIdConnectResponseType.Code;
options.CallbackPath = new PathString("/api/security/callback");
I am getting the following error, trying to run the application:
An unhandled exception occurred while processing the request. HttpRequestException: Response status code does not indicate success: 400 (Bad Request). System.Net.Http.HttpResponseMessage.EnsureSuccessStatusCode()
IOException: IDX10804: Unable to retrieve document from: 'https://www.oidcprovider.com/connectapi/authorize/.well-known/openid-configuration'. Microsoft.IdentityModel.Protocols.HttpDocumentRetriever+d__8.MoveNext()
InvalidOperationException: IDX10803: Unable to obtain configuration from: 'https://www.oidcprovider.com/connectapi/authorize/.well-known/openid-configuration'. Microsoft.IdentityModel.Protocols.ConfigurationManager+d__24.MoveNext()
Is the OIDC Discovery Document required for this to work?
I have tried calling the discovery document URL directly in my browser, by calling this url: https://www.oidcprovider.com/connectapi/authorize/.well-known/openid-configuration
However, I receive this JSON information back:
{"error":"invalid_client","error_description":"No client id supplied"}
How do I get this to work?
My 2 Questions are:
1. Is the Discovery Document Optional or Mandatory ?
2. Can I specify the endpoints manually in .net Core 2.0 when no disco doc is available?
