Class OpenIddictValidationOptions
Provides various settings needed to configure the OpenIddict validation handler.
Namespace: OpenIddict.Validation
Assembly: cs.temp.dll.dll
Syntax
public class OpenIddictValidationOptions
Properties
Audiences
Gets the intended audiences of this resource server. Setting this property is recommended when the authorization server issues access tokens for multiple distinct resource servers.
Declaration
public HashSet<string> Audiences { get; }
Property Value
Type | Description |
---|---|
HashSet<System.String> |
ClientId
Gets or sets the client identifier sent to the authorization server when using remote validation.
Declaration
public string ClientId { get; set; }
Property Value
Type | Description |
---|---|
System.String |
ClientSecret
Gets or sets the client secret sent to the authorization server when using remote validation.
Declaration
public string ClientSecret { get; set; }
Property Value
Type | Description |
---|---|
System.String |
Configuration
Gets or sets the OAuth 2.0/OpenID Connect static server configuration, if applicable.
Declaration
public OpenIdConnectConfiguration? Configuration { get; set; }
Property Value
Type | Description |
---|---|
System.Nullable<OpenIdConnectConfiguration> |
ConfigurationManager
Gets or sets the configuration manager used to retrieve and cache the OAuth 2.0/OpenID Connect server configuration.
Declaration
public IConfigurationManager<OpenIdConnectConfiguration> ConfigurationManager { get; set; }
Property Value
Type | Description |
---|---|
IConfigurationManager<OpenIdConnectConfiguration> |
EnableAuthorizationEntryValidation
Gets or sets a boolean indicating whether a database call is made to validate the authorization entry associated with the received tokens. Note: enabling this option may have an impact on performance and can only be used with an OpenIddict-based authorization server.
Declaration
public bool EnableAuthorizationEntryValidation { get; set; }
Property Value
Type | Description |
---|---|
System.Boolean |
EnableTokenEntryValidation
Gets or sets a boolean indicating whether a database call is made to validate the token entry associated with the received tokens. Note: enabling this option may have an impact on performance but is required when the OpenIddict server emits reference tokens.
Declaration
public bool EnableTokenEntryValidation { get; set; }
Property Value
Type | Description |
---|---|
System.Boolean |
EncryptionCredentials
Gets the list of encryption credentials used by the OpenIddict validation services. Note: the encryption credentials are not used to protect/unprotect tokens issued by ASP.NET Core Data Protection, which uses its own key ring, configured separately.
Declaration
public List<EncryptingCredentials> EncryptionCredentials { get; }
Property Value
Type | Description |
---|---|
System.Collections.Generic.List<EncryptingCredentials> |
Remarks
Note: OpenIddict automatically sorts the credentials based on the following algorithm:
- Symmetric keys are always preferred when they can be used for the operation (e.g. token encryption).
- X.509 keys are always preferred to non-X.509 asymmetric keys.
- X.509 keys with the furthest expiration date are preferred.
- X.509 keys whose backing certificate is not yet valid are never preferred.
Handlers
Gets the list of handlers responsible for processing the OpenIddict validation operations. Note: the list is automatically sorted based on the order assigned to each handler descriptor. As such, it MUST NOT be mutated after options initialization to preserve the exact order.
Declaration
public List<OpenIddictValidationHandlerDescriptor> Handlers { get; }
Property Value
Type | Description |
---|---|
System.Collections.Generic.List<OpenIddictValidationHandlerDescriptor> |
Issuer
Gets or sets the absolute URL of the OAuth 2.0/OpenID Connect server.
Declaration
public Uri? Issuer { get; set; }
Property Value
Type | Description |
---|---|
System.Nullable<Uri> |
JsonWebTokenHandler
Gets or sets the JWT handler used to protect and unprotect tokens.
Declaration
public JsonWebTokenHandler JsonWebTokenHandler { get; set; }
Property Value
Type | Description |
---|---|
JsonWebTokenHandler |
MetadataAddress
Gets or sets the URL of the OAuth 2.0/OpenID Connect server discovery endpoint. When the URL is relative, Issuer must be set and absolute.
Declaration
public Uri? MetadataAddress { get; set; }
Property Value
Type | Description |
---|---|
System.Nullable<Uri> |
TokenValidationParameters
Gets the token validation parameters used by the OpenIddict validation services.
Declaration
public TokenValidationParameters TokenValidationParameters { get; }
Property Value
Type | Description |
---|---|
TokenValidationParameters |
ValidationType
Gets or sets the type of validation used by the OpenIddict validation services. By default, local validation is always used.
Declaration
public OpenIddictValidationType ValidationType { get; set; }
Property Value
Type | Description |
---|---|
OpenIddictValidationType |
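
Example

The following is an added example, not code from the OpenIddict project or its documentation. It shows a resource server that restricts accepted tokens to its own audience and uses remote validation, setting the Issuer, Audiences, ValidationType, ClientId and ClientSecret properties described above. It assumes the OpenIddict.Validation.AspNetCore and OpenIddict.Validation.SystemNetHttp packages are referenced; the helper name, URL, audience and environment variable name are placeholders.

```csharp
using System;
using Microsoft.Extensions.DependencyInjection;
using OpenIddict.Validation;

public static class ResourceServerSetup
{
    // Hypothetical helper: every literal below is a placeholder chosen for this example.
    public static IServiceCollection AddOrdersApiTokenValidation(this IServiceCollection services)
    {
        // Read the client secret from the environment instead of hardcoding it,
        // and fail at startup rather than sending empty credentials later.
        var secret = Environment.GetEnvironmentVariable("ORDERS_API_CLIENT_SECRET");
        if (string.IsNullOrEmpty(secret))
        {
            throw new InvalidOperationException("ORDERS_API_CLIENT_SECRET is not set.");
        }

        services.AddOpenIddict()
            .AddValidation(builder =>
            {
                builder.Configure(options =>
                {
                    // Absolute URL of the authorization server.
                    options.Issuer = new Uri("https://auth.example.com/", UriKind.Absolute);

                    // Accept only tokens issued for this resource server, so a token
                    // minted for another API behind the same issuer is rejected here.
                    options.Audiences.Add("orders_api");

                    // Remote validation: the token is sent to the authorization server,
                    // authenticated with the client credentials below.
                    options.ValidationType = OpenIddictValidationType.Introspection;
                    options.ClientId = "orders_api";
                    options.ClientSecret = secret;
                });

                // HTTP client integration used to reach the authorization server.
                builder.UseSystemNetHttp();

                // Registers the validation handler with ASP.NET Core authentication.
                builder.UseAspNetCore();
            });

        return services;
    }
}
```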