I get the error below when performing a GET using IdentityModel's DiscoveryClient
as follows:
var discoveryResponse = await DiscoveryClient.GetAsync("https://localhost/IdentityServer");
Issuer name does not match authority: https://localhost/identityserver
The target URL is an ASP.NET Core web application running on IIS enabled with IdentityServer4. The client application is a classic ASP.NET web application running on the same machine.
Apparently, the GET did manage to retrieve values from the IdentityServer as evidenced by the contents of discoveryResponse.Raw
:
{
"issuer": "https://localhost/identityserver",
"jwks_uri": "https://localhost/IdentityServer/.well-known/openid-configuration/jwks",
"authorization_endpoint": "https://localhost/IdentityServer/connect/authorize",
"token_endpoint": "https://localhost/IdentityServer/connect/token",
"userinfo_endpoint": "https://localhost/IdentityServer/connect/userinfo",
"end_session_endpoint": "https://localhost/IdentityServer/connect/endsession",
"check_session_iframe": "https://localhost/IdentityServer/connect/checksession",
"revocation_endpoint": "https://localhost/IdentityServer/connect/revocation",
"introspection_endpoint": "https://localhost/IdentityServer/connect/introspect",
"frontchannel_logout_supported": true,
"frontchannel_logout_session_supported": true,
"scopes_supported": [ "CustomIdentityResources", "profile", "openid", "MyAPI.full_access", "offline_access" ],
"claims_supported": [],
"grant_types_supported": [ "authorization_code", "client_credentials", "refresh_token", "implicit" ],
"response_types_supported": [ "code", "token", "id_token", "id_token token", "code id_token", "code token", "code id_token token" ],
"response_modes_supported": [ "form_post", "query", "fragment" ],
"token_endpoint_auth_methods_supported": [ "client_secret_basic", "client_secret_post" ],
"subject_types_supported": [ "public" ],
"id_token_signing_alg_values_supported": [ "RS256" ],
"code_challenge_methods_supported": [ "plain", "S256" ]
}
authority: https://localhost/IdentityServer issuer: https://localhost/identityserver
They do not match - it's case sensitive.