User is authenticated but where is the access token?

Question

I have a web Application which authenticates a user to an Identity Server 4, using an implicit client. I need the access token for this user so that I can make a call to anoth

Answer 1

Use options.SaveTokens = true then grab your access token from the claims or use HttpContext.GetTokenAsync here's the link to the blogpost with example: https://www.jerriepelser.com/blog/accessing-tokens-aspnet-core-2/

Answer 2

By default the OpenID Connect middleware only requests an identity token (a response_type of id_token).

You'll need to first update your OpenIdConnectOptions with the following:

options.ResponseType = "id_token token";

You can then save the tokens to your cookie using:

options.SaveTokens = true;

And then finally, you can access the token using:

await HttpContext.GetTokenAsync("access_token");

Note that you will also need to set the AllowAccessTokensViaBrowser flag in your IdentityServer client configuration when using the implicit flow.