In order for IdentityServer to issue tokens on behalf of a user, that user must sign-in to IdentityServer.
Login User Interface and Identity Management System¶
IdentityServer does not provide any user-interface or user database for user authentication. These are things you are expected to provide or develop yourself.
If you need a starting point for a basic UI (login, logout, consent and manage grants), you can use our quickstart UI.
The quickstart UI authenticates users against an in-memory database. You would replace those bits with access to your real user store. We have samples that use ASP.NET Identity.
When IdentityServer receives a request at the authorization endpoint and the user is not authenticated, the user will be redirected to the configured login page.
You must inform IdentityServer of the path to your login page via the
UserInteraction settings on the options (the default is
returnUrl parameter will be passed informing your login page where the user should be redirected once login is complete.
On your login page you might require information about the context of the request in order to customize the login experience
(such as client, prompt parameter, IdP hint, or something else).
This is made available via the
GetAuthorizationContextAsync API on the the interaction service.