The IdentityServerBearerTokenAuthenticationOptions class has a number of options to influence token validation.


Static Configuration for JWTs

Instead of automatically obtaining the configuration from the discovery endpoint, you can also statically configure the middleware

Remark This is useful, if for some reaso the discovery document is not available to you, e.g. when running IdentityServer and the client or API in the same web application.

Using the Introspection Endpoint (added in v2.2)

Version 2.2 of IdentityServer added support for the token introspection specification. This is the recommended technique when using reference tokens (see here).

In this case you need to specify the ClientId and ClientSecret to match the name and secret of the scope configuration in IdentityServer (see scopes)

Enabling Caching

When using reference tokens, you probably don’t want to make a round-trip to IdentityServer for each incoming request. In this case you can cache the validation outcome locally.