Using JwtAuthProviderReader and /.well-known/openid.configuration

I’m trying to setup a JwtAuthProviderReader against identity server. I want to get the details from the /.well-known/opened-configuration endpoint.

I’m trying to use ConfigurationManager but am having trouble working out how to map the config manager elements into the JwtAuthProviderReader. I’ve seen some posts indicating it has been done but without any notion of how.

Is there a SS example for this or can anyone point me in the right direction?



Here’s a few links I’ve found from the community that have integrated ServiceStack with IdentityServer JWT:

Feel free to ask @tobi on this thread for help in using his custom JWT AuthProvider.

These solutions use a custom AuthProvider to process Identity Server’s JWT directly although I prefer instead to let Identity Server handle the JWT Token and create the ClaimsPrincipal User and instead use the NetCoreIdentityAuthProvider to provide an adapter to map it to an Authenticated UserSession.

See my StackOverflow answer on changes I’ve made to ServiceStack + IdentityServer Example on GitHub to get it to work with identity server which basically just removing all other Auth Providers and registering:

Plugins.Add(new AuthFeature(() => new AuthUserSession(),
    new IAuthProvider[] {
        new NetCoreIdentityAuthProvider(AppSettings), 

Which will work when the JWT has a “sub” otherwise you’d need to register what JWT property should be used instead, e.g:

Plugins.Add(new AuthFeature(() => new AuthUserSession(),
    new IAuthProvider[] {
        new NetCoreIdentityAuthProvider(AppSettings) {
            MapClaimsToSession = {
                ["client_id"] = nameof(AuthUserSession.Id)

Thank you - @Tobi’s link turned out to be the clue I needed.

1 Like