This article has been indexed from DZone Security Zone
Introduction
In the previous post of this series, we set up IdentityServer with some test users and client configurations. We then used the postman tool to get the access token with couple of different flows.
In this post, we will move forward and add a resource API to our solution. This will be simple .NET Core WebAPI application. This API will contains endpoints which different client applications will call. We will protect this API using IdentityServer.
Read the original article: TokenBased Security, OAUTH, OIDC, IdentityServer – Part 4