Skip to content

Features

Pages and routes

Route Page
/ Home
/login Login
/clients, /clients/create, /clients/{ClientId}, /clients/{ClientId}/edit Client management
/tokens, /tokens/{TokenId} Token list / detail
/authorizations, /authorizations/{AuthorizationId} Authorization grants
/scopes, /scopes/create, /scopes/{ScopeName}, /scopes/{ScopeName}/edit Scope management
/audit-logs, /audit-logs/{LogId} Audit log list / detail

Shared components

RedirectUrisManager, ClientScopesManager, ClientGrantTypesManager, ClientAuthenticationManager, TokenIntrospection, AuthorizationTokensView, NavigationBreadcrumbs, NavMenu, RedirectToLogin.

Authorization policies

Defined in AuthorizationPolicies.cs over roles admin and viewer:

  • AdminOnly, RequireViewerOrAdminRole
  • CanManageClients, CanManageScopes, CanManageTokens, CanViewAuditLogs

Management API integration

AuthorizationServerApiClient calls (relative to AuthorizationServerApi.BaseUrl):

  • Clients: /clients, /clients/{id}, redirect URIs, scopes, grant types
  • Tokens: /tokens, /tokens/{id}/revoke, /tokens/introspect
  • Authorizations: /authorizations (+ revoke)
  • Scopes: /scopes
  • Audit: /audit-logs
  • Login: api/auth/login via AuthService.LoginAsync (uses ConnectSoft.IdentityTemplate.ServiceModel.LoginRequest/LoginResponse)

Bearer tokens are attached by AuthorizationMessageHandler.

See also