2021-01-13 11:30:30 +08:00
<!DOCTYPE html>
<!-- [if IE]><![endif] -->
< html >
< head >
< meta charset = "utf-8" >
< meta http-equiv = "X-UA-Compatible" content = "IE=edge,chrome=1" >
2021-01-13 13:30:23 +08:00
< title > Migrate to OpenIddict 1.0/2.0 < / title >
2021-01-13 11:30:30 +08:00
< meta name = "viewport" content = "width=device-width" >
2021-01-13 13:30:23 +08:00
< meta name = "title" content = "Migrate to OpenIddict 1.0/2.0 " >
2021-01-13 11:30:30 +08:00
< meta name = "generator" content = "docfx 2.56.6.0" >
2021-01-13 11:49:03 +08:00
< link rel = "shortcut icon" href = "../images/favicon.ico" >
2021-01-13 11:30:30 +08:00
< link rel = "stylesheet" href = "../styles/docfx.vendor.css" >
< link rel = "stylesheet" href = "../styles/docfx.css" >
< link rel = "stylesheet" href = "../styles/main.css" >
< link href = "https://fonts.googleapis.com/css?family=Roboto" rel = "stylesheet" >
< meta property = "docfx:navrel" content = "../toc.html" >
< meta property = "docfx:tocrel" content = "toc.html" >
< / head > < body data-spy = "scroll" data-target = "#affix" data-offset = "120" >
< div id = "wrapper" >
< header >
< nav id = "autocollapse" class = "navbar navbar-inverse ng-scope" role = "navigation" >
< div class = "container" >
< div class = "navbar-header" >
< button type = "button" class = "navbar-toggle" data-toggle = "collapse" data-target = "#navbar" >
< span class = "sr-only" > Toggle navigation< / span >
< span class = "icon-bar" > < / span >
< span class = "icon-bar" > < / span >
< span class = "icon-bar" > < / span >
< / button >
2021-01-13 12:03:45 +08:00
< a class = "navbar-brand" href = "../index.html" >
< img id = "logo" class = "svg" src = "../images/logo.png" alt = "" >
< / a > < / div >
2021-01-13 11:30:30 +08:00
< div class = "collapse navbar-collapse" id = "navbar" >
< form class = "navbar-form navbar-right" role = "search" id = "search" >
< div class = "form-group" >
< input type = "text" class = "form-control" id = "search-query" placeholder = "Search" autocomplete = "off" >
< / div >
< / form >
< / div >
< / div >
< / nav >
< div class = "subnav navbar navbar-default" >
< div class = "container hide-when-search" id = "breadcrumb" >
< ul class = "breadcrumb" >
< li > < / li >
< / ul >
< / div >
< / div >
< / header >
< div role = "main" class = "container body-content hide-when-search" >
< div class = "sidenav hide-when-search" >
< a class = "btn toc-toggle collapse" data-toggle = "collapse" href = "#sidetoggle" aria-expanded = "false" aria-controls = "sidetoggle" > Show / Hide Table of Contents< / a >
< div class = "sidetoggle collapse" id = "sidetoggle" >
< div id = "sidetoc" > < / div >
< / div >
< / div >
< div class = "article row grid-right" >
< div class = "col-md-10" >
< article class = "content wrap" id = "_content" data-uid = "" >
2021-01-13 13:30:23 +08:00
< h1 id = "migrate-to-openiddict-1020" > Migrate to OpenIddict 1.0/2.0< / h1 >
2021-01-13 11:30:30 +08:00
2021-01-13 13:30:23 +08:00
< h2 id = "whats-new-in-openiddict-1020" > What' s new in OpenIddict 1.0/2.0?< / h2 >
< p > The announcement listing the changes introduced in this milestone can be found < a href = "https://kevinchalet.com/2018/11/01/openiddict-1-0-and-2-0-general-availability/" > here< / a > .< / p >
2021-01-13 11:30:30 +08:00
< h2 id = "update-your-packages-references" > Update your packages references< / h2 >
< p > For that, simply update your < code > .csproj< / code > file to point to the newest OpenIddict packages:< / p >
< h3 id = "aspnet-core-1x" > ASP.NET Core 1.x< / h3 >
2021-01-13 13:30:23 +08:00
< pre > < code class = "lang-xml" > < ItemGroup>
< PackageReference Include=" OpenIddict" Version=" 1.0.0" />
< PackageReference Include=" OpenIddict.EntityFrameworkCore" Version=" 1.0.0" />
< /ItemGroup>
< / code > < / pre > < h3 id = "aspnet-core-2x" > ASP.NET Core 2.x< / h3 >
< pre > < code class = "lang-xml" > < ItemGroup>
< PackageReference Include=" OpenIddict" Version=" 2.0.0" />
< PackageReference Include=" OpenIddict.EntityFrameworkCore" Version=" 2.0.0" />
< /ItemGroup>
< / code > < / pre > < p > No additional change should be required for basic scenarios.< / p >
< h1 id = "migrate-to-openiddict-1020-rc3" > Migrate to OpenIddict 1.0/2.0 rc3< / h1 >
< h2 id = "whats-new-in-openiddict-1020-rc3" > What' s new in OpenIddict 1.0/2.0 rc3?< / h2 >
< p > The announcement listing the changes introduced in this milestone can be found < a href = "https://kevinchalet.com/2018/06/20/openiddict-rc3-is-out/" > here< / a > .< / p >
< h2 id = "update-your-packages-references-1" > Update your packages references< / h2 >
< p > For that, simply update your < code > .csproj< / code > file to point to the newest OpenIddict packages:< / p >
< h3 id = "aspnet-core-1x-1" > ASP.NET Core 1.x< / h3 >
2021-01-13 11:30:30 +08:00
< pre > < code class = "lang-xml" > < ItemGroup>
< PackageReference Include=" OpenIddict" Version=" 1.0.0-rc3-final" />
< PackageReference Include=" OpenIddict.EntityFrameworkCore" Version=" 1.0.0-rc3-final" />
< /ItemGroup>
2021-01-13 13:30:23 +08:00
< / code > < / pre > < h3 id = "aspnet-core-2x-1" > ASP.NET Core 2.x< / h3 >
2021-01-13 11:30:30 +08:00
< pre > < code class = "lang-xml" > < ItemGroup>
< PackageReference Include=" OpenIddict" Version=" 2.0.0-rc3-final" />
< PackageReference Include=" OpenIddict.EntityFrameworkCore" Version=" 2.0.0-rc3-final" />
< /ItemGroup>
< / code > < / pre > < div class = "TIP" > < h5 > Tip< / h5 > < p > Note: if you have an explicit reference to < code > AspNet.Security.OAuth.Validation< / code > or < code > OpenIddict.Mvc< / code > ,
you can safely remove these dependencies: they are now transitively referenced by the < code > OpenIddict< / code > metapackage.< / p >
< / div >
2021-01-13 13:30:23 +08:00
< div class = "IMPORTANT" > < h5 > Important< / h5 > < p > Note: if your application references < code > OpenIddict.Models< / code > or < code > OpenIddict.Stores< / code > , you MUST remove them as these packages are no longer used in rc3.< / p >
2021-01-13 11:30:30 +08:00
< / div >
< h2 id = "use-the-new-openiddict-services-registration-apis" > Use the new OpenIddict services registration APIs< / h2 >
< p > To offer a better user experience, the registrations APIs exposed by OpenIddict have been reworked. Updating your code should be quite straightforward:< / p >
2021-01-13 13:30:23 +08:00
< pre > < code class = "lang-csharp" > // In OpenIddict rc2, all the options used to be grouped.
2021-01-13 11:30:30 +08:00
services.AddOpenIddict(options =>
{
options.AddEntityFrameworkCoreStores< ApplicationDbContext> ();
options.AddMvcBinders();
options.EnableAuthorizationEndpoint(" /connect/authorize" )
.EnableLogoutEndpoint(" /connect/logout" )
.EnableTokenEndpoint(" /connect/token" )
.EnableUserinfoEndpoint(" /api/userinfo" );
options.AllowAuthorizationCodeFlow()
.AllowPasswordFlow()
.AllowRefreshTokenFlow();
options.RegisterScopes(OpenIdConnectConstants.Scopes.Email,
OpenIdConnectConstants.Scopes.Profile,
OpenIddictConstants.Scopes.Roles);
options.RequireClientIdentification();
options.EnableRequestCaching();
options.EnableScopeValidation();
options.DisableHttpsRequirement();
});
2021-01-13 13:30:23 +08:00
< / code > < / pre > < pre > < code class = "lang-csharp" > // In OpenIddict rc3, the options are now split into 3 categories:
2021-01-13 11:30:30 +08:00
// the core services, the server services and the validation services.
services.AddOpenIddict()
.AddCore(options =>
{
// AddEntityFrameworkCoreStores() is now UseEntityFrameworkCore().
options.UseEntityFrameworkCore()
.UseDbContext< ApplicationDbContext> ();
})
.AddServer(options =>
{
// AddMvcBinders() is now UseMvc().
options.UseMvc();
options.EnableAuthorizationEndpoint(" /connect/authorize" )
.EnableLogoutEndpoint(" /connect/logout" )
.EnableTokenEndpoint(" /connect/token" )
.EnableUserinfoEndpoint(" /api/userinfo" );
options.AllowAuthorizationCodeFlow()
.AllowPasswordFlow()
.AllowRefreshTokenFlow();
options.RegisterScopes(OpenIdConnectConstants.Scopes.Email,
OpenIdConnectConstants.Scopes.Profile,
OpenIddictConstants.Scopes.Roles);
// This API was removed as client identification is now
// required by default. You can remove or comment this line.
//
// options.RequireClientIdentification();
options.EnableRequestCaching();
// This API was removed as scope validation is now enforced
// by default. You can safely remove or comment this line.
//
// options.EnableScopeValidation();
options.DisableHttpsRequirement();
});
< / code > < / pre > < h2 id = "move-to-the-openiddict-validation-handler-optional" > Move to the OpenIddict validation handler (optional)< / h2 >
< p > While not required, moving to the new validation handler is recommended:< / p >
< pre > < code class = "lang-csharp" > // Replace...
services.AddAuthentication()
.AddOAuthValidation();
// ... by:
services.AddOpenIddict()
.AddValidation();
< / code > < / pre > < div class = "TIP" > < h5 > Tip< / h5 > < p > Note: the OpenIddict validation handler lives in the < code > OpenIddict.Validation< / code > package, which is referenced by the < code > OpenIddict< / code > metapackage.
You don' t have to explicitly add a new < code > PackageReference< / code > in your < code > .csproj< / code > file to be able to use it.< / p >
< / div >
< h2 id = "if-necessary-create-new-application-entries" > If necessary, create new application entries< / h2 >
< p > OpenIddict now rejects unauthenticated token/revocation requests by default.< / p >
2021-01-13 13:30:23 +08:00
< p > If, after migrating to rc3, you see errors similar to this one:< / p >
2021-01-13 11:30:30 +08:00
< blockquote > < p > < strong > invalid_request< / strong > : The mandatory ' client_id' parameter is missing.< / p >
< / blockquote >
< p > Add an application entry for the client application and send the corresponding < code > client_id< / code > as part of the token request:< / p >
< pre > < code class = "lang-csharp" > var descriptor = new OpenIddictApplicationDescriptor
{
ClientId = " postman" ,
DisplayName = " Postman" ,
Permissions =
{
OpenIddictConstants.Permissions.Endpoints.Token,
OpenIddictConstants.Permissions.GrantTypes.Password,
OpenIddictConstants.Permissions.GrantTypes.RefreshToken,
OpenIddictConstants.Permissions.Scopes.Email,
OpenIddictConstants.Permissions.Scopes.Profile,
OpenIddictConstants.Permissions.Scopes.Roles
}
};
await _applicationManager.CreateAsync(descriptor);
< / code > < / pre > < p > If you prefer accepting anonymous clients, use < code > options.AcceptAnonymousClients()< / code > :< / p >
< pre > < code class = "lang-csharp" > services.AddOpenIddict()
.AddServer(options =>
{
options.AcceptAnonymousClients();
});
< / code > < / pre > < h2 id = "if-necessary-register-the-scopes-used-by-your-clients" > If necessary, register the scopes used by your clients< / h2 >
2021-01-13 13:30:23 +08:00
< p > Starting with rc3, OpenIddict will reject unrecognized scopes by default.< / p >
< p > If, after migrating to rc3, you see errors similar to this one:< / p >
2021-01-13 11:30:30 +08:00
< blockquote > < p > < strong > invalid_scope< / strong > : The specified ' scope' parameter is not valid.< / p >
< / blockquote >
< p > Simply add the scopes you want to use to the list of registered scopes:< / p >
< pre > < code class = "lang-csharp" > services.AddOpenIddict()
// Register the OpenIddict server handler.
.AddServer(options =>
{
options.RegisterScopes(OpenIdConnectConstants.Scopes.Email,
OpenIdConnectConstants.Scopes.Profile,
OpenIddictConstants.Scopes.Roles);
});
< / code > < / pre > < p > If you prefer disabling scope validation, use < code > options.DisableScopeValidation()< / code > :< / p >
< pre > < code class = "lang-csharp" > services.AddOpenIddict()
.AddServer(options =>
{
options.DisableScopeValidation();
});
< / code > < / pre > < h2 id = "if-necessary-adjust-the-permissions-granted-to-your-clients" > If necessary, adjust the permissions granted to your clients< / h2 >
2021-01-13 13:30:23 +08:00
< p > < strong > Starting with rc3, permissions are no longer optional nor implicit< / strong > :
2021-01-13 11:30:30 +08:00
if you don' t explicitly grant an application the necessary permissions, it will be blocked by OpenIddict.< / p >
< p > To attach permissions to an application, use < code > OpenIddictApplicationManager< / code > :< / p >
< pre > < code class = "lang-csharp" > var descriptor = new OpenIddictApplicationDescriptor
{
ClientId = " mvc" ,
ClientSecret = " 901564A5-E7FE-42CB-B10D-61EF6A8F3654" ,
DisplayName = " MVC client application" ,
PostLogoutRedirectUris = { new Uri(" http://localhost:53507/signout-callback-oidc" ) },
RedirectUris = { new Uri(" http://localhost:53507/signin-oidc" ) },
Permissions =
{
OpenIddictConstants.Permissions.Endpoints.Authorization,
OpenIddictConstants.Permissions.Endpoints.Logout,
OpenIddictConstants.Permissions.Endpoints.Token,
OpenIddictConstants.Permissions.GrantTypes.AuthorizationCode,
OpenIddictConstants.Permissions.GrantTypes.RefreshToken,
OpenIddictConstants.Permissions.Scopes.Email,
OpenIddictConstants.Permissions.Scopes.Profile,
OpenIddictConstants.Permissions.Scopes.Roles
}
};
await _applicationManager.CreateAsync(descriptor);
< / code > < / pre > < p > If you don' t care about permissions (e.g because you don' t have third-party clients), you can instead disable them:< / p >
< pre > < code class = "lang-csharp" > services.AddOpenIddict()
// Register the OpenIddict server handler.
.AddServer(options =>
{
options.IgnoreEndpointPermissions()
.IgnoreGrantTypePermissions()
.IgnoreScopePermissions();
});
< / code > < / pre > < hr >
2021-01-13 13:31:57 +08:00
< h1 id = "migrate-to-openiddict-1020-rc2" > Migrate to OpenIddict 1.0/2.0 rc2< / h1 >
< h2 id = "whats-new-in-openiddict-1020-rc2" > What' s new in OpenIddict 1.0/2.0 rc2?< / h2 >
2021-01-13 11:30:30 +08:00
< p > The full list of changes can be found < a href = "https://github.com/openiddict/openiddict-core/milestone/8?closed=1" > here< / a > . It includes < strong > bug fixes< / strong > (including a bug fix in the refresh token handling)
and new features like < strong > application permissions< / strong > , that allow limiting the OpenID Connect features (endpoints and flows) an application is able to use.< / p >
2021-01-13 13:30:23 +08:00
< p > < strong > Migrating to OpenIddict rc2 (< code > 1.0.0-rc2-final< / code > and < code > 2.0.0-rc2-final< / code > ) requires making changes in your database< / strong > : existing properties have been reworked
2021-01-13 11:30:30 +08:00
(e.g < a href = "https://github.com/openiddict/openiddict-core/issues/497" > to work around a MySQL limitation< / a > ) and new ones have been added to support the new features.
This procedure is quite easy and only requires a few minutes.< / p >
< blockquote > < p > Note: this guide assumes your application uses the OpenIddict Entity Framework Core 2.x stores. If you use a custom store, changes will have to be made manually.
A list of added/updated/renamed columns is available at the end of this guide.< / p >
< / blockquote >
< h2 id = "ensure-migrations-are-correctly-enabled-for-your-project" > Ensure migrations are correctly enabled for your project< / h2 >
2021-01-13 13:30:23 +08:00
< p > < strong > Before migrating to OpenIddict rc2, make sure migrations are already enabled for your application< / strong > . If you have a < code > Migrations< / code >
2021-01-13 11:30:30 +08:00
folder in your application root folder and an < code > __EFMigrationsHistory< / code > table in your database, you' re good to go.< / p >
< p > If you don' t have these Entity Framework Core artifacts, migrations are likely not enabled. To fix that, add the following entries in your < code > .csproj< / code > :< / p >
< pre > < code class = "lang-xml" > < ItemGroup>
< PackageReference Include=" Microsoft.EntityFrameworkCore.Design"
Version=" 2.0.0" PrivateAssets=" All" />
< /ItemGroup>
< ItemGroup>
< DotNetCliToolReference Include=" Microsoft.EntityFrameworkCore.Tools.DotNet"
Version=" 2.0.0" />
< /ItemGroup>
< / code > < / pre > < p > Then, open a new command line and add an initial migration using < code > dotnet ef migrations add InitialMigration< / code > (< strong > but don' t apply it!< / strong > ).< / p >
2021-01-13 13:30:23 +08:00
< h2 id = "update-your-packages-references-2" > Update your packages references< / h2 >
2021-01-13 11:30:30 +08:00
< p > For that, simply update your < code > .csproj< / code > file to point to the newest OpenIddict packages:< / p >
2021-01-13 13:30:23 +08:00
< h3 id = "aspnet-core-1x-2" > ASP.NET Core 1.x< / h3 >
2021-01-13 11:30:30 +08:00
< pre > < code class = "lang-xml" > < ItemGroup>
< PackageReference Include=" OpenIddict" Version=" 1.0.0-rc2-final" />
< PackageReference Include=" OpenIddict.EntityFrameworkCore" Version=" 1.0.0-rc2-final" />
< PackageReference Include=" OpenIddict.Mvc" Version=" 1.0.0-rc2-final" />
< /ItemGroup>
2021-01-13 13:30:23 +08:00
< / code > < / pre > < h3 id = "aspnet-core-2x-2" > ASP.NET Core 2.x< / h3 >
2021-01-13 11:30:30 +08:00
< pre > < code class = "lang-xml" > < ItemGroup>
< PackageReference Include=" OpenIddict" Version=" 2.0.0-rc2-final" />
< PackageReference Include=" OpenIddict.EntityFrameworkCore" Version=" 2.0.0-rc2-final" />
< PackageReference Include=" OpenIddict.Mvc" Version=" 2.0.0-rc2-final" />
< /ItemGroup>
< / code > < / pre > < h2 id = "add-a-new-migration" > Add a new migration< / h2 >
< ol >
< li > First, open a new command line and run < code > dotnet ef migrations add MigrateToOpenIddictRc2< / code > .< / li >
< li > < strong > If you created an initial migration at step 1, remove it from the < code > Migrations< / code > folder< / strong > .< / li >
< li > Apply the < code > MigrateToOpenIddictRc2< / code > migration using < code > dotnet ef database update MigrateToOpenIddictRc2< / code > .< / li >
< / ol >
< h2 id = "run-the-migration-script-to-convert-columns-to-the-new-format" > Run the migration script to convert columns to the new format< / h2 >
< p > For that, add the following snippet to your < code > Startup< / code > class:< / p >
< pre > < code class = "lang-csharp" > private async Task UpdateOpenIddictTablesAsync(IServiceProvider services)
{
using (var scope = services.GetRequiredService< IServiceScopeFactory> ().CreateScope())
{
// Change ApplicationDbContext to match your context name if you' ve changed it.
var context = scope.ServiceProvider.GetRequiredService< ApplicationDbContext> ();
await context.Database.EnsureCreatedAsync();
// If you use a different entity type or a custom key,
// change this line (e.g OpenIddictApplication< long> ).
foreach (var application in context.Set< OpenIddictApplication> ())
{
// Convert the space-separated PostLogoutRedirectUris property to JSON.
if (!string.IsNullOrEmpty(application.PostLogoutRedirectUris) & &
application.PostLogoutRedirectUris[0] != ' [' )
{
var addresses = application.PostLogoutRedirectUris.Split(
new[] { " " }, StringSplitOptions.RemoveEmptyEntries);
application.PostLogoutRedirectUris =
new JArray(addresses).ToString(Formatting.None);
}
// Convert the space-separated RedirectUris property to JSON.
if (!string.IsNullOrEmpty(application.RedirectUris) & &
application.RedirectUris[0] != ' [' )
{
var addresses = application.RedirectUris.Split(
new[] { " " }, StringSplitOptions.RemoveEmptyEntries);
application.RedirectUris = new JArray(addresses).ToString(Formatting.None);
}
}
// If you use a different entity type or a custom key,
// change this line (e.g OpenIddictAuthorization< long> ).
foreach (var authorization in context.Set< OpenIddictAuthorization> ())
{
// Convert the space-separated Scopes property to JSON.
if (!string.IsNullOrEmpty(authorization.Scopes) & & authorization.Scopes[0] != ' [' )
{
var scopes = authorization.Scopes.Split(
new[] { " " }, StringSplitOptions.RemoveEmptyEntries);
authorization.Scopes = new JArray(scopes).ToString(Formatting.None);
}
}
await context.SaveChangesAsync();
}
}
< / code > < / pre > < p > Then, at the end of the < code > public void Configure(IApplicationBuilder app)< / code > method, add the following line:< / p >
< pre > < code class = "lang-csharp" > public void Configure(IApplicationBuilder app)
{
app.UseDeveloperExceptionPage();
app.UseStaticFiles();
app.UseStatusCodePagesWithReExecute(" /error" );
app.UseAuthentication();
app.UseMvcWithDefaultRoute();
// Run the migration script synchronously.
UpdateOpenIddictTablesAsync(app.ApplicationServices).GetAwaiter().GetResult();
}
< / code > < / pre > < p > Run your application. Once it' s correctly started, stop it and remove the migration script.< / p >
< h2 id = "if-your-authorization-server-uses-introspection-make-sure-resources-are-set-in-the-authentication-ticket" > If your authorization server uses introspection, make sure resources are set in the authentication ticket< / h2 >
< p > < strong > Setting an explicit list of resources is now required to allow client applications to introspect a token.< / strong >
For that, call < code > ticket.SetResources()< / code > with the list of the client identifiers allowed to validate the token. E.g:< / p >
< pre > < code class = "lang-csharp" > var ticket = new AuthenticationTicket(
new ClaimsPrincipal(identity),
new AuthenticationProperties(),
OpenIdConnectServerDefaults.AuthenticationScheme);
ticket.SetResources(" tracking_api" , " marketing_api" );
< / code > < / pre > < h2 id = "optionally-update-your-code-to-grant-applications-the-minimum-required-permissions" > Optionally, update your code to grant applications the minimum required permissions< / h2 >
2021-01-13 13:30:23 +08:00
< p > Starting with rc2, OpenIddict includes an optional feature codenamed " app permissions" that allows
2021-01-13 11:30:30 +08:00
controlling and limiting the OAuth2/OpenID Connect features a client application is able to use.< / p >
< p > To learn more about this feature, read the < a href = "../configuration/application-permissions.html" > Application permissions documentation< / a > .< / p >
< h2 id = "list-of-changes-for-applications-using-custom-stores" > List of changes (for applications using custom stores)< / h2 >
< h3 id = "renamed-properties" > Renamed properties< / h3 >
< table >
< thead >
< tr >
< th > Table< / th >
< th > Old column name< / th >
< th > New column name< / th >
< th > Observations< / th >
< / tr >
< / thead >
< tbody >
< tr >
< td > OpenIddictApplications< / td >
< td > Timestamp< / td >
< td > ConcurrencyToken< / td >
< td > The column type was changed to nvarchar to work around a MySQL limitation.< / td >
< / tr >
< tr >
< td > OpenIddictAuthorizations< / td >
< td > Timestamp< / td >
< td > ConcurrencyToken< / td >
< td > The column type was changed to nvarchar to work around a MySQL limitation.< / td >
< / tr >
< tr >
< td > OpenIddictScopes< / td >
< td > Timestamp< / td >
< td > ConcurrencyToken< / td >
< td > The column type was changed to nvarchar to work around a MySQL limitation.< / td >
< / tr >
< tr >
< td > OpenIddictTokens< / td >
< td > Timestamp< / td >
< td > ConcurrencyToken< / td >
< td > The column type was changed to nvarchar to work around a MySQL limitation.< / td >
< / tr >
< tr >
< td > OpenIddictTokens< / td >
< td > Ciphertext< / td >
< td > Payload< / td >
< td > < / td >
< / tr >
< tr >
< td > OpenIddictTokens< / td >
< td > Hash< / td >
< td > ReferenceId< / td >
< td > < / td >
< / tr >
< / tbody >
< / table >
< h3 id = "updated-properties" > Updated properties< / h3 >
< table >
< thead >
< tr >
< th > Table< / th >
< th > Column name< / th >
< th > Observations< / th >
< / tr >
< / thead >
< tbody >
< tr >
< td > OpenIddictApplications< / td >
< td > PostLogoutRedirectUris< / td >
< td > Values are now formatted as JSON arrays instead of space-separated strings.< / td >
< / tr >
< tr >
< td > OpenIddictApplications< / td >
< td > RedirectUris< / td >
< td > Values are now formatted as JSON arrays instead of space-separated strings.< / td >
< / tr >
< tr >
< td > OpenIddictAuthorizations< / td >
< td > Scopes< / td >
< td > Values are now formatted as JSON arrays instead of space-separated strings.< / td >
< / tr >
< / tbody >
< / table >
< h3 id = "added-properties" > Added properties< / h3 >
< table >
< thead >
< tr >
< th > Table< / th >
< th > Column name< / th >
< th > Type< / th >
< th > Nullable< / th >
< / tr >
< / thead >
< tbody >
< tr >
< td > OpenIddictApplications< / td >
< td > ConsentType< / td >
< td > nvarchar(max)< / td >
< td > Yes< / td >
< / tr >
< tr >
< td > OpenIddictApplications< / td >
< td > Properties< / td >
< td > nvarchar(max)< / td >
< td > Yes< / td >
< / tr >
< tr >
< td > OpenIddictApplications< / td >
< td > Permissions< / td >
< td > nvarchar(max)< / td >
< td > Yes< / td >
< / tr >
< tr >
< td > OpenIddictAuthorizations< / td >
< td > Properties< / td >
< td > nvarchar(max)< / td >
< td > Yes< / td >
< / tr >
< tr >
< td > OpenIddictScopes< / td >
< td > DisplayName< / td >
< td > nvarchar(max)< / td >
< td > Yes< / td >
< / tr >
< tr >
< td > OpenIddictScopes< / td >
< td > Properties< / td >
< td > nvarchar(max)< / td >
< td > Yes< / td >
< / tr >
< tr >
< td > OpenIddictScopes< / td >
< td > Resources< / td >
< td > nvarchar(max)< / td >
< td > Yes< / td >
< / tr >
< tr >
< td > OpenIddictTokens< / td >
< td > Properties< / td >
< td > nvarchar(max)< / td >
< td > Yes< / td >
< / tr >
< / tbody >
< / table >
< / article >
< / div >
< div class = "hidden-sm col-md-2" role = "complementary" >
< div class = "sideaffix" >
< div class = "contribution" >
< ul class = "nav" >
< li >
< a href = "https://github.com/openiddict/openiddict-documentation/blob/dev/guide/migration.md/#L1" class = "contribution-link" > Improve this Doc< / a >
< / li >
< / ul >
< / div >
< nav class = "bs-docs-sidebar hidden-print hidden-xs hidden-sm affix" id = "affix" >
< h5 > In This Article< / h5 >
< div > < / div >
< / nav >
< / div >
< / div >
< / div >
< / div >
< footer >
< div class = "grad-bottom" > < / div >
< div class = "footer" >
< div class = "container" >
< span class = "pull-right" >
< a href = "#top" > Back to top< / a >
< / span >
< span > Generated by < strong > DocFX< / strong > < / span >
< / div >
< / div >
< / footer >
< / div >
< script type = "text/javascript" src = "../styles/docfx.vendor.js" > < / script >
< script type = "text/javascript" src = "../styles/docfx.js" > < / script >
< script type = "text/javascript" src = "../styles/main.js" > < / script >
< / body >
< / html >
