This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
I have a new ASP.NET Core 6.0 web app, and I am trying to configure OpenID Connect (OIDC) in the Program.cs file. I am using "Microsoft.AspNetCore.Authentication.OpenIdConnect" Version="6.0.0" in my .csproj file.
This is the code so far for my OIDC logic in my Program.cs file:
using Microsoft.IdentityModel.Protocols.OpenIdConnect;
var builder = WebApplication.CreateBuilder(args);
Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectConfiguration oidcConfig = new OpenIdConnectConfiguration();
oidcConfig.TokenEndpoint = "https://removed.com";
oidcConfig.UserInfoEndpoint = "https://removed.com";
oidcConfig.JwksUri = "https://removed.com";
Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectOptions oidcOptions = new Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectOptions();
oidcOptions.Authority = "https://removed.com";
oidcOptions.MetadataAddress = "https://removed.com";
oidcOptions.Configuration = oidcConfig;
oidcOptions.ClientId = "xxxxxxxxxxxxxxx";
oidcOptions.ClientSecret = "xxxxxxxxxxxxxxx";
oidcOptions.ResponseType = OpenIdConnectResponseType.IdToken;
oidcOptions.GetClaimsFromUserInfoEndpoint = true;
oidcOptions.SaveTokens = true;
oidcOptions.Validate();
When I run my code and it gets to oidcOptions.Validate(), the following exception is thrown:
An unhandled exception of type 'System.InvalidOperationException' occurred in Microsoft.AspNetCore.Authentication.OpenIdConnect.dll: 'Provide Authority, MetadataAddress, Configuration, or ConfigurationManager to OpenIdConnectOptions'
Why is this exception being thrown? When I run my code in debug mode, I can see that my oidcOptions object has the values I provided for Authority, MetadataAddress, and Configuration.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(73.60000000000001, 90%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EZL%3C/text%3E%3C/svg%3E)
Why is this exception being thrown? When I run my code in debug mode....
Do you mean in the development environment, it works well, but in the other environments such production environment, it is not working? If that is the case, please check the environment selection part.
Or do you mean this error happens in release mode, but works well in debug mode?
Then, please check your service, have you ever register the AddOpenIdConnect service in the program.cs file, code like this:
services.AddAuthentication(options => {
options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
})
.AddCookie(options => {
options.LoginPath = "/Account/Login/";
})
.AddOpenIdConnect(options =>
{
options.ClientId = Configuration["oidc:clientid"];
options.ClientSecret = Configuration["oidc:clientsecret"];
options.Authority = String.Format("https://{0}.onelogin.com/oidc", Configuration["oidc:region"]);
options.ResponseType = "code";
options.GetClaimsFromUserInfoEndpoint = true;
}
);
More detail information, see OneLogin OpenId Connect Dotnet Core 3.0 Sample and An introduction to OpenID Connect in ASP.NET Core.
Thank you for responding and providing those links.
My app is fully functional and its OIDC flow is working as long as I don't call the OpenIdConnectOptions.Validate() method.
When I call the Validate() method in any environment, my app returns the following exception during runtime:
An unhandled exception of type 'System.InvalidOperationException' occurred in Microsoft.AspNetCore.Authentication.OpenIdConnect.dll: 'Provide Authority, MetadataAddress, Configuration, or ConfigurationManager to OpenIdConnectOptions'
If I run my app in debug mode, I can see that Authority, MetadataAddress, and Configuration are all populated, which makes it seem like the exception is being thrown incorrectly.
When I remove the call to Validate(), my app works just fine, and I can successfully use the OIDC flow to authenticate.
I believe the OpenIdConnectOptions.Validate() method is nonfunctional in the current version of Microsoft.AspNetCore.Authentication.OpenIdConnect.
An unhandled exception of type 'System.InvalidOperationException' occurred in Microsoft.AspNetCore.Authentication.OpenIdConnect.dll: 'Provide Authority, MetadataAddress, Configuration, or ConfigurationManager to OpenIdConnectOptions'
From the OpenIdConnectOptions source code, we can see that the above exception happens when the ConfigurationManager is null. So, you can check it.
The following document describes the settings in the Program.cs of ASP.NET Core MVC application when Duende IdentityServer is used:
Interactive Applications with ASP.NET Core
https://docs.duendesoftware.com/identityserver/v5/quickstarts/2_interactive/
Thank you for providing the tutorial! I followed it and got my application's OIDC flow working. However, the OpenIdConnectOptions.Validate() method still throws the same exception even when my web app is fully functional. I am now convinced that the Validate method doesn't do anything. I've simply removed the Validate() call from my code, and my app no longer throws an exception.