Additional Clients cannot be defined

Found in

EPiServer.ContentDeliveryApi 2.18.0

Fixed in

EPiServer.ContentDeliveryApi 2.19.1


Jan 20, 2021


Apr 13, 2021


Closed, Fixed and tested


Steps to reproduce:
Pass one more custom clients in when calling UseContentApiIdentityOAuthAuthorization:

app.UseContentApiIdentityOAuthAuthorization <ApplicationUserManager<ApplicationUser>, ApplicationUser>(new ContentApiOAuthOptions
    Clients =  new[] { new ApiClientInfo { AccessControlAllowOrigin = "*", ClientId = "Custom"} }

Make a call to the auth endpoint with the custom ClientId.

Expected result:

The new custom client should be defined.

Actual result:

You get a 400 response:

{ "error": "invalid_client_id", "error_description": "Client 'Custom' is not registered in the system." }

This is because the IdentityAuthorizationServerProvider uses constructor injection to get the ContentApiOAuthOptions. They should be passed in as they are never registered in StructureMap.