Skip to main content

Identity Server 3

This library supports authenticating with Identity Server 3. The only difference from Identity Server 4 is that it requires a clientSecret and there is no way to opt out of it.

// You must include a clientSecret
const config = {
issuer: 'your-identityserver-url',
clientId: 'your-client-id',
clientSecret: 'your-client-secret',
redirectUrl: 'com.your.app.name:/oauthredirect',
scopes: ['openid', 'profile', 'offline_access'],
};

// Log in to get an authentication token
const authState = await authorize(config);

// Refresh token
const refreshedState = await refresh(config, {
refreshToken: authState.refreshToken,
});

// Revoke token, note that Identity Server expects a client id on revoke
await revoke(config, {
tokenToRevoke: refreshedState.refreshToken,
sendClientId: true,
});
Example server configuration
var client = new Client
{
ClientId = "native.code",
ClientName = "Native Client (Code with PKCE)",
Flow = Flows.AuthorizationCodeWithProofKey,
RedirectUris = { "com.your.app.name:/oauthredirect" },
ClientSecrets = new List<Secret> { new Secret("your-client-secret".Sha256()) },
AllowAccessToAllScopes = true
};