Skip to content

Configuring a Client

We will use AuthCode+PKCE, this must be configured in a client configuration. It is important to configure the RedirectUris and PostLogoutRedirectUris.

In the next example, we can see how to configure a client with:

  • AuthCode (GrandTypes.Code)
  • PKCE (RequirePkce)
  • RedirectUris (Login)
  • PostLogoutRedirectUris (Logout)
  • ClientSecrets (X509Certificate)
C#
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
new Client
{
    ClientId = "mutual-lts",
    ClientSecrets = {
        // name based
        new Secret(@"CN=mutual.lts.test, OU=ROO\ballen@roo, O=cert development certificate", "mutual-tls.test")
        {
            Type = SecretTypes.X509CertificateName
        },
        // or thumbprint based
        //new Secret("bca0d040847f843c5ee0fa6eb494837470155868", "mutual-tls.test")
        //{
        //    Type = SecretTypes.X509CertificateThumbprint
        //},
    },
    AllowedGranTypes = GrantTypes.Code,

    // where to redirect to after Login
    RedirectUris = { "https://localhost:5002/signin-oidc" },

    // where to redirect to after Logout
    PostLogoutRedirectUris = { "https://localhost:5002/signout-callback-oidc" },

    AllowOfflineAccess = true,

    // require PKCE
    RequirePkce = true
}