How do I check my OIDC token?
There are basically three steps to it:
- Q. How do I retrieve my tokens?
- Q. What is the difference between authorization server and resource server?
- Q. When to use access token validation endpoint identityserver?
- Q. Why do we need a token validation library?
- Q. How to check if access token is expired / invalid?
- Q. How to check if a refresh token is still valid?
- Check that the ID token’s crypto algorithm matches the one which the client has registered with the OpenID provider;
- Validate the ID token signature or HMAC;
- Validate the ID token claims: issuer — does the token originate from the expected IdP?
Q. How do I retrieve my tokens?
Here is how to retrieve your last 3 purchased KPLC tokens
- On your mobile phone, dial *977#
- Go to “Prepaid Services”
- And select “Latest Token”
- Enter your Prepaid meter account number.
- Then Press “Send”
Q. What is the difference between authorization server and resource server?
An Authorization Server issues tokens to client applications on behalf of a Resource Owner for use in authenticating subsequent API calls to the Resource Server. The Resource Server hosts the protected resources, and can accept or respond to protected resource requests using access tokens.
Q. When to use access token validation endpoint identityserver?
IdentityServer3. Access token validation endpoint. The access token validation endpoint can be used to validate reference tokens. It can be also used to validate self-contained JWTs if the consumer does not have support for appropriate JWT or cryptographic libraries. You can either GET or POST to the validation endpoint.
Q. Why do we need a token validation library?
Crazy, I know. The basic premise is that we’re doing OAuth for our mobile app; which the server endpoints need to validate the token. The server is not the authenticating server. We’ll need to share a cert and validate the token. The original idea was to write our own token validation library. We started down this route.
Q. How to check if access token is expired / invalid?
(I know that mainly IdSrv is used for authorization, but it provide authentication as well.) This way, third party application call a WCF method (for some business) must pass in an access token and if the access token is invalid/expired, third party application will get an exception.
Q. How to check if a refresh token is still valid?
Every time the client refreshes a token it needs to make an (authenticated) back-channel call to IdentityServer. This allows checking if the refresh token is still valid, or has been revoked in the meantime. From http://docs.identityserver.io/en/latest/topics/grant_types.html#refresh-tokens
¿Que es OAuth 2.0 y OpenID Connect? en este video te lo explico con manzanas y dibujos, son 15 minutos con una valiosa informaciónSígueme en mis redes social…
No Comments