FusionAuth
    • Home
    • Categories
    • Recent
    • Popular
    • Pricing
    • Contact us
    • Docs
    • Login

    How is Token validation performed?

    Scheduled Pinned Locked Moved Unsolved
    Q&A
    1
    1
    1
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      benlabbe2007
      last edited by

      Reading through the ASP.NET backend setup for FusionAuth, in terms of configuration settings, this is all that's required:

      "Authentication": {
    "Schemes": {
      "Bearer": {
        "Authority": "http://localhost:9011",
        "ValidAudiences": [
          "e9fdb985-9173-4e01-9d73-ac2d60d1dc8e"
        ]
      }
    }
  }

      Because there's no client secret, I'm wondering how the token is validated without the api server needing to communicate with the FusionAuth authorization server? Should the ValidAudience uuid be considered sensitive data?

      Thanks!

      1 Reply Last reply Reply Quote 0
      • First post
        Last post

      Looks like your connection to FusionAuth Forum was lost, please wait while we try to reconnect.