Successfully logged in to ASP Net Core despite expired id token

CRMK · July 4, 2018, 12:41pm

I have a simple ASP Net Core web site and noticed that I am able to log into it despite the id token being expired.
Kestrel logs a successfull user authentication.

Did I miss something conceptually?

At the same time, if the same web site queries the access token via HttpContext.GetTokenAsync(“access_token”) then the ASP Net Core API which I am also running recognizes that the token is expired.

konrad.sopala · December 20, 2018, 1:05pm

Hey @CRMK

Firstly, I’d like to apologize for such a delay in response. We’re doing our best in providing as much value to community as possible but sometimes we are simply people resources constraint, thanks for understanding!

We are more than happy to assist in any way! If the issue is still out there please let us know so we can actually dig further!

Thank you!

Topic		Replies	Views
.net core Logon doesn't expire Get Help	2	4081	August 29, 2019
ASP.NET Core Access Token Expiration Get Help	2	9883	July 12, 2019
Id token validation incase of MVC application Get Help sessions , authentication-sessions	3	1543	February 22, 2023
Asp.Net Core : invalid access_token: invalid_token Get Help angular-2 , aspnet-core	6	6861	March 2, 2018
Confused by API Test tab C# Code Get Help access-token , aspnet-core , 401	10	5130	August 14, 2019

Successfully logged in to ASP Net Core despite expired id token

Related topics