Area: Optimizely B2B Commerce

Configuring IssuerUri for IdentityServer on webfarms

Recommended reading 

The purpose of the IssuerUri option on the IdentityServer is to create tokens and generate the TokenValidationParameters. On token generation, the values for token audience and the issuer is set from the IssuerUri option. On token validation audienceUri is created from the IssuerUri. It doesn't have to be a valid URI, it can be something unique to your company.

A common implementation mistake is made when setting the IdentityServerUrl. If it is set in the app.config to the IP address of the server, then each server would have a unique issuer uri on the access token. If the request is then redirected to a server where the access token doesn't exist, a token error is generated. To correct this, configure the issuerUri with the same values on each server across the webfarm.

Do you find this information helpful? Please log in to provide feedback.

Last updated: Dec 11, 2020

Recommended reading