You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Which version of Duende IdentityServer are you using?
Currently using 7.0.8 - The issue was not happening with 7.0.7
Which version of .NET are you using?
.Net 8
Describe the bug
We are using an app service in Microsoft Azure to host our web Api. Users get a token from IdentityServer to authenticate with our Api.
The Webapp in Azure uses slots for deployment.
Whenever we run a deployment, we have a pipeline that deploys to the staging slot, then swaps the slots.
Using version 7.0.7 of Duende.IdentityServer this worked fine. Users who were using the webapp at the time of deployment could continue using it with no noticeable effects when the slots were swapped.
After updating to 7.0.8 of Duende.IdentityServer, if users are actively using the webapp during a deployment, then they get a 401 unauthorised error for every api request after the slots are swapped. It seems that their token becomes invalid and has to be refreshed. All users become unauthenticated after the deployment until they log out and log back in to our application or wait half an hour - (half an hour seems to be the amount of time it takes for the token to automatically renew). We get a massive barrage of 401 errors observed on AppInsights with every deployment. Clearly this is a very bad user experience to have to log out and log back in whenever we release a new version of our webapp.
My guess is that something changed in version 7.0.8 of Duende.IdentityServer that causes users auth tokens to be wiped when the deployment restarts the web server, this didn't happen in previous versions though.
As a temporary workaround, we've implemented in our axios global config on the front end, if any web request returns a 401 then the app performs a new silent sign in request to refresh the user's auth token automatically, which resolves the problem of the user having to log out and log back in. However it is not ideal as the request that the user made at the time causing the 401 will not get through, which can have the effect of - for example if the user was saving a record at the time they will need to save it again.
To Reproduce
Deployment of the webapp on version 7.0.8 reproduces the issue every time.
Expected behavior
Users should be able to continue using the app after deployments with the same auth token.
The text was updated successfully, but these errors were encountered:
There could be multiple causes for this. I would like to start with excluding a basic configuration error. Could you please review https://docs.duendesoftware.com/dataprotection and validate that this is not a data protection issue?
Which version of Duende IdentityServer are you using?
Currently using 7.0.8 - The issue was not happening with 7.0.7
Which version of .NET are you using?
.Net 8
Describe the bug
We are using an app service in Microsoft Azure to host our web Api. Users get a token from IdentityServer to authenticate with our Api.
The Webapp in Azure uses slots for deployment.
Whenever we run a deployment, we have a pipeline that deploys to the staging slot, then swaps the slots.
Using version 7.0.7 of Duende.IdentityServer this worked fine. Users who were using the webapp at the time of deployment could continue using it with no noticeable effects when the slots were swapped.
After updating to 7.0.8 of Duende.IdentityServer, if users are actively using the webapp during a deployment, then they get a 401 unauthorised error for every api request after the slots are swapped. It seems that their token becomes invalid and has to be refreshed. All users become unauthenticated after the deployment until they log out and log back in to our application or wait half an hour - (half an hour seems to be the amount of time it takes for the token to automatically renew). We get a massive barrage of 401 errors observed on AppInsights with every deployment. Clearly this is a very bad user experience to have to log out and log back in whenever we release a new version of our webapp.
My guess is that something changed in version 7.0.8 of Duende.IdentityServer that causes users auth tokens to be wiped when the deployment restarts the web server, this didn't happen in previous versions though.
As a temporary workaround, we've implemented in our axios global config on the front end, if any web request returns a 401 then the app performs a new silent sign in request to refresh the user's auth token automatically, which resolves the problem of the user having to log out and log back in. However it is not ideal as the request that the user made at the time causing the 401 will not get through, which can have the effect of - for example if the user was saving a record at the time they will need to save it again.
To Reproduce
Deployment of the webapp on version 7.0.8 reproduces the issue every time.
Expected behavior
Users should be able to continue using the app after deployments with the same auth token.
The text was updated successfully, but these errors were encountered: