Orchard Core CMS OpenID Tutorials. OpenID Connect and Token Validation in Orchard Core CMS.

OpenID Connect and Token Validation in Orchard Core CMS

There are several Orchard Core tutorials showing how to use the GraphQL API via Postman to execute GraphQL queries in Orchard Core CMS. Some of these tutorials walk the Orchard Core Developer through configuring OpenID Connect in Orchard Core CMS to issue authentication tokens that can be submitted as part of the GraphQL query request.

Orchard Core CMS has several OpenID Connect features that can be enabled depending on the scenario. It's clear from the tutorials that the developer has to enable the OpenID Authorization Server feature, which will automatically enable both the OpenID Core Components and OpenID Management Interface.

At this point everything looks good and the Orchard Core Developer is able to create the application via the OpenID Management Interface and use Postman to retrieve the authentication token, but is unable to successfully execute a GraphQL query using the GraphQL API. Assuming the role has the proper permissions (claims) to execute GraphQL queries in Orchard Core CMS, it may be that the client is not authenticated because the developer hasn't enabled the OpenID Token Validation feature.

If this is the case, try the GraphQL query again via the GraphQL API once the OpenID Connect Token Validation feature has been enabled in Orchard Core CMS.

Orchard Core CMS and OpenID Connect Token Validation