"InvalidOperationException: IDX20803: Unable to obtain configuration from: '[PII is hidden]'"

Solution 1:

We need to enable viewing of PII logs so we can see more details about the error: Add the following line in ConfigureServices() to Startup.cs

public void ConfigureServices(IServiceCollection services)
{
    IdentityModelEventSource.ShowPII = true; //Add this line
    ....

Solution 2:

In my case, this happened while I was developing identity prototype with Identity Server on localhost environment and my authority was configured incorrectly.

I was following an example from Identity Server 4, the issue was that the Quick start example of the Identity Server 4 contain 3 projects:

  • Identity Server. with endpoint => https://localhost:5001
  • Api (called Resource Api or Consumer Api).
  • Client.

In the example that was provided, the Identity Server was set to https with endpoint https://localhost:5001. But the Authority was in Consumer Api was set to http://localhost:5000.

So when client try to connect to Consumer Api, it gets the http://localhost:5000 address and try to look at http://localhost:5000/.well-known/openid-configuration and this does not exist. It exist only on https://localhost:5001/.well-known/openid-configuration.

So far so good.

The solution is to ensure you are using the same endpoint of the identity server on your consumer authority:

options.Authority = "https://localhost:5001";

Solution 3:

If anyone is experiencing this during development, I was able to solve this by clearing my developer certs then recreating them.

dotnet dev-certs https --clean
dotnet dev-certs https --trust