What is your product version? 10.2 What is your product type (Angular or MVC)? MVC What is product framework type (.net framework or .net core)? .Net Core
we have two aspnetzero portals one of them is SSO and onother one is eService portal , the eService portal get authntication from SSO via OpenId, also we have native mobile app connected to SSO via OpenId to get access to eservice portal , from mobile application we can call all API's related to SSO but when we call API's that are related to eservice portal with the same access token that created from SSO we got return message for unauthorized, user , is there any missing configuration to verify that token generated form sso is vaild token let talk call some api like (/connect/introspect) ,, if not how can we handel some case
could you please give us a suggestion
Sorry for the late reply. Considering your scenario, this might be a cache problem. Does it work when you restart all apps and try again ?
Because, by default, even if you use the same database for all apps, they are using in-memory cache for caching permisisons. So, when you change a permission on Portal app, SSO app will not know this change.
If this is the case, you can switch to Redis to solve this problem, see https://aspnetboilerplate.com/Pages/Documents/Caching#redis-cache-integration