Skip to content
Duende Software Docs
Livestream: Why now's a good time to upgrade to Duende IdentityServer and .NET 10. Register Now!

Issuing Internal Tokens

Sometimes, extensibility code running on your IdentityServer needs access tokens to call other APIs. In this case it is not necessary to use the protocol endpoints. The tokens can be issued internally.

IIdentityServerTools is a collection of useful internal tools that you might need when writing extensibility code for IdentityServer. To use it, inject it into your code, e.g. an endpoint:

app.MapGet("/myAction", async (IIdentityServerTools tools) =>
{
    var token = await tools.IssueClientJwtAsync(
        clientId: "client_id",
        lifetime: 3600,
        audiences: new[] { "backend.api" });


    // more code
});

The IIdentityServerTools interface was added in v7 to allow mocking. Previous versions referenced the IdentityServerTools implementation class directly.