identityserver4 - AllowAnonymous Attribute overridden by IdentityServer Authentication .Net core -
so have asp.net core 1.1 webapi secured identityserver4. works perfectly. however, trying allow controllers accessed without bearer token.
in past add [allowanonymous] controller or end-point, seems identityserver's authentication takes precedence.
i keep getting: "identityserver4.accesstokenvalidation.infrastructure.nopauthenticationmiddleware:information: bearer not authenticated. failure message: no token found."
i want add error received in api's logging , not in identityserver's logging
initially thought relate this: https://github.com/microsoft/aspnet-api-versioning/issues/143 . however, when downgraded 1.0.3 of asp.net core still happens.
anyone know how can around this?
this not error message - says no token found - totally ok.
the request flow anonymously controllers.
Comments
Post a Comment