Hi, I have many clients ( devices and server to server services) that need to connect with AbpZero (version >= 9.1). I have enabled identityserver4 with "client_credentials" as AllowedGrantTypes but Abp don't recognize as autheticated the token issued.
The problem is similiar to https://support.aspnetzero.com/QA/Questions/5145/API-call-requiring--Authirization-by-using-IdentityServer
These clients don't need user and password and I don't want to create many fake users beacuse isn't required permissions or roles. Only authentication is required. How can I obtain this requirements?
At the end we have separated Abp authentication from Identity Server. Each services talk directly to Identiy Server with client credential authentication to obtain a token. The service's endpoints are protected by a custom attribute that validate the token issued by identity server (scope, validity, issuer, end so on).
colud please share more details about this solution? So if I correct undestand you have create an IS that is the main authentication point for ABP and other services (have you create it from scratch?), change abp login method to use external IS (are you on MVC or Angular?) like a third party authenticator (es. FB, google, M365).