Kévin Chalet
Kévin Chalet
Glad I could help 😃
Hey, For security reasons, OpenIddict will return a stripped-down introspection response in two cases: - The caller is a public client. - The caller is not explicitly listed as an...
As I said in my last post, you must set the resources using `principal.SetResources()`: > You'll likely want to double-check the client_id of your introspection client is listed when calling...
I tested locally with the latest OpenIddict 3.1.1 bits and I wasn't able to reproduce this issue. Is your application open-source? If it's not, a repro app would help.
Hey, Thanks for sponsoring the project, much appreciated! Can you please try with `/connect/introspect` instead of `connect/introspect` to see if it makes any difference?
Glad it helped! I'll reopen this ticket and convert it to a bug report to track potential improvements to make the UX better (because well, it's quite hard to figure...
> I wanted to give contributing a shot and was going to at least attempt this issue. @anorborg thanks a lot for your interest! > If my limited experience precludes...
FYI, the introspection feature hasn't yet been ported to OpenIddict, so please ignore the tests in `AspNet.Security.OAuth.Introspection.Tests` for now.
Note: the introspection feature was ported as part of https://github.com/openiddict/openiddict-core/pull/947.
> If so are there any technical reasons for not wanting to add such support from your point of view? Like most things, the reason is actually simpler: because you're...