Trouble implementing refresh tokens in ASP.NET Core 6 with IdentityServer4
After trying multiple solutions online, I still can't figure this out... I'm currently implementing an authentication system using ASP.NET Core 6 and IdentityServer4. I've configured the primary token issuance correctly and can successfully authenticate users and receive access tokens. However, I am struggling with the refresh token implementation. When I request a new access token using the refresh token, I keep getting a 400 Bad Request response with the message **"invalid_grant"**. I've double-checked my token lifetimes and added the necessary references, but it's still not working. Hereβs the relevant part of my `Startup.cs` where I configure IdentityServer: ```csharp services.AddIdentityServer() .AddDeveloperSigningCredential() .AddInMemoryApiResources(Config.GetApiResources()) .AddInMemoryClients(Config.GetClients()) .AddInMemoryIdentityResources(Config.GetIdentityResources()); ``` For my clients, I'm using the following configuration: ```csharp new Client { ClientId = "myclient", AllowedGrantTypes = GrantTypes.RefreshToken, ClientSecrets = { new Secret("mysecret".Sha256()) }, AllowedScopes = { "api1" }, AllowOfflineAccess = true, RequireClientSecret = false, RefreshTokenUsage = TokenUsage.ReUse, AbsoluteRefreshTokenLifetime = 36000, RefreshTokenExpiration = TokenExpiration.Absolute, SlidingRefreshTokenLifetime = 300, } ``` Iβve also tried adjusting the `RefreshTokenUsage` and `SlidingRefreshTokenLifetime`, but nothing seems to resolve the scenario. Any insights into why I might be receiving this invalid grant behavior when trying to refresh my tokens would be greatly appreciated! I'm working on a API that needs to handle this.