ASP.NET Core MVC calling api

I have a microservice architecture with a ASP.NET Core MVC application as a frontend. All the microservices are also implemented as ASP.NET Core services (Rest Services). I created a Client in my dashboard and a API for each Microservice. I authorized the client for all the API’s. I am able to login to my application and save the tokens. The access_toke I get is really short, so not really a bearer token. If I then try to access the API i get a 401 Unautherized.

Which step am I missing? Do I need to implement another call to get an access_token?


I just saw this in the quickstart

OnRedirectToIdentityProvider = context =>
                context.ProtocolMessage.SetParameter("audience", "http://my-api");
                return Task.FromResult(0);

But I have more than one API. How can I add multiple audience?

Given you addressed the initial question in your update I’ll provide some additional information about the follow-up situation regarding multiple audiences.

You can only pass a single audience value per request so your scenario either requires multiple requests or revising your configuration and representing your micro-services as a single audience.

For reference information related to this topic see: