Categories
express identityserver4 node.js

Identity Server 4 for NodeJS API

I’m trying to figure out how to do the identity server 4 authentication below using NodeJS – way out of my comfort zone here.

services.AddAuthentication(IdentityServerAuthenticationDefaults
.AuthenticationScheme)
.AddIdentityServerAuthentication(
options =>
{
options.Authority = "<authority-url>";
options.ApiName = "<api-url>";
});

I’m missing something in the flow here as the C# implementation isn’t provided a secret or similar – so the token is probably verified via identity server? How would I verify the token using NodeJS if I don’t have a ‘secret’ to verify it with?

I’ve stumbled on introspection endpoint – am I heading in the right direction?