I have a Blazor WebAssembly application targeting .NET 8. I'm using OIDC authentication and have successfully integrated with Keycloak. My current configuration looks like this:
// Program.csbuilder.Services.AddOidcAuthentication(options =>{ options.ProviderOptions.DefaultScopes.Clear(); builder.Configuration.Bind("Oidc", options.ProviderOptions);});// appsettings.json{"Oidc": {"Authority": ".../.well-known/openid-configuration","ClientId": "client1","PostLogoutRedirectUri": "http://localhost:8081","DefaultScopes": ["openid" ],"ResponseType": "code" }}Everything works fine with the development Keycloak server, but I'm facing an issue with the production server from another company where the userinfo endpoint fails. The /token call succeeds, and I receive a valid response, but the subsequent call to the /userinfo endpoint fails. Is there a way to disable the use of the userinfo endpoint in the OIDC authentication configuration?
I've unsuccessfully searched through the options to find a way to disable the userinfo call. My second attempt was to use a custom AuthenticationStateProvider, but I couldn't fully refine that approach either.