AspCore 2.0 and IdentityServer v3, Audience Validation Fails


Given:

  • IdentityServer v3
  • Client WebApp with aspcore 2.0

Scenario:

When using aspcore 1.1 with Identity Server v3 I needed to set LegacyAudienceValidation = true (see .net core Client doesn't authenticate with IdentityServer v3 - Offset in Audience).

Now I am migrating to .NET Core 2.0, and following this guide to migrate identity, there are other options than in Core 1.0.

Problem: There is no longer a LegacyAudienceValidation property, and as a result I get audience validation errors.

Microsoft.IdentityModel.Tokens.SecurityTokenInvalidAudienceException: IDX10208: Unable to validate audience. validationParameters.ValidAudience is null or whitespace and validationParameters.ValidAudiences is null.

My client config code looks like this:

 services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
     .AddJwtBearer(options =>
         {
             options.Authority = Authority;
         });

Am I missing something in the ASP.NET Core API, or are there any hints on how to fix this gap?

There is 1 answer

jochen.vg

You can also use the IdentityServer4.AccessTokenValidation NuGet package and set LegacyAudienceValidation:

services.AddAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme)
    .AddIdentityServerAuthentication(options =>
    {
        options.Authority = "identityserver";
        options.ApiName = "yourapi";
        options.LegacyAudienceValidation = true;  // to make core 2.0 work with idsrv3
    });
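
An added example, not part of the question or the answer and not IdentityServer's own code: the same fix expressed with the plain JwtBearer handler from the question. It assumes IdentityServer3 issues access tokens whose `aud` is `<issuer>/resources` and carries the API name in `scope` claims (decode one of your tokens to confirm); the `Authority` URL and `ApiScope` value are placeholders. Because that audience is shared by every API behind the same issuer, the example also requires the API's scope.

```csharp
using System.IdentityModel.Tokens.Jwt;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Mvc.Authorization;
using Microsoft.Extensions.DependencyInjection;

public class Startup
{
    // Placeholders (assumptions): your IdentityServer3 base URL and this API's scope name.
    private const string Authority = "https://identityserver.example/core";
    private const string ApiScope = "yourapi";

    public void ConfigureServices(IServiceCollection services)
    {
        // Keep the JWT claim names ("scope", "sub") instead of the mapped legacy claim types.
        JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();

        services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
            .AddJwtBearer(options =>
            {
                options.Authority = Authority;
                // Assumed IdentityServer3 audience format: "<issuer>/resources".
                // Setting it gives the handler a ValidAudience, which avoids IDX10208.
                options.Audience = Authority.TrimEnd('/') + "/resources";
            });

        // The shared audience does not identify this API, so every request
        // must also present a token that contains this API's scope.
        var requireApiScope = new AuthorizationPolicyBuilder()
            .RequireAuthenticatedUser()
            .RequireClaim("scope", ApiScope)
            .Build();

        services.AddMvc(mvc => mvc.Filters.Add(new AuthorizeFilter(requireApiScope)));
    }

    public void Configure(IApplicationBuilder app)
    {
        app.UseAuthentication();
        app.UseMvc();
    }
}
```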