Chris Ross

> The client seems to cache this failure and downgrade future WebSocket requests to HTTP/1.1. I've reproduced this with Chrome/Edge and Firefox. To go back to HTTP/2 often requires closing...

ClaimsIssuer is used by implementations that create Claims from sources that don't provide that information. E.g. https://github.com/dotnet/aspnetcore/blob/f96dce6889fe67aaed33f0c2b147b8b537358f1e/src/Security/Authentication/Certificate/src/CertificateAuthenticationHandler.cs#L243 OpenIdConnect actually has an issuer concept built in, that's what's used to validate...

The claims issuer is still set to a unique provider ID like "https://myprovider.com", right? Is your concern about the format?

Can you clarify why you _need_ it to be formatted as "MyProvider" instead of the current value "https://myprovider.com/"?

@brockallen mainly because IdentityModel doesn't provide an API to set the claims issuer independently, and this is the first request I'm aware of to do so. We can file an...

Filed https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/issues/1972.

Workaround: ``` private class IssuerFixupAction : ClaimAction { public IssuerFixupAction() : base(ClaimTypes.NameIdentifier, string.Empty) { } public override void Run(JsonElement userData, ClaimsIdentity identity, string issuer) { var oldClaims = identity.Claims.ToList(); foreach...

https://github.com/dotnet/aspnetcore/issues/10117#issuecomment-498865444 > Using separate app pools and a load balancer is our recommended approach for high-availability as it allows you full flexibility over deployment process and the ability to easily...

Deployments are just one example that disrupt availability. A single instance is not advised for high-availability for many reasons.

@cun-dp that makes sense, the application has stopped serving traffic and can't re-start until the current process exits.