Open Closed

Use IdentitySever to authenticate no human clients #9760

ivanosw1 created

Hi, I have many clients ( devices and server to server services) that need to connect with AbpZero (version >= 9.1). I have enabled identityserver4 with "client_credentials" as AllowedGrantTypes but Abp don't recognize as autheticated the token issued.

The problem is similiar to

These clients don't need user and password and I don't want to create many fake users beacuse isn't required permissions or roles. Only authentication is required. How can I obtain this requirements?

Thank you

3 Answer(s)
  • 0
    maliming created
    Support Team


    Please refer to

  • 0
    elferone created

    @ivanosw1, what solution did you end up chosing for this ? We'll looking at the same context as you.

    Thanks !

  • 0
    ivanosw1 created

    Hi @elferone

    At the end we have separated Abp authentication from Identity Server. Each services talk directly to Identiy Server with client credential authentication to obtain a token. The service's endpoints are protected by a custom attribute that validate the token issued by identity server (scope, validity, issuer, end so on).