Fix ValidIssuers in Client Auth

2026-03-21 22:07:11 -07:00
parent 755274dee6
commit f0c3b0f917
1 changed files with 11 additions and 7 deletions
--- a/Gateway/Security/ClientAuthMiddleware.cs
+++ b/Gateway/Security/ClientAuthMiddleware.cs
@@ -357,7 +357,11 @@ public sealed class ClientAuthMiddleware
            var validationParams = new TokenValidationParameters
            {
                ValidateIssuer = true,
-                ValidIssuers = new[] { $"{instance.TrimEnd('/')}/{tenantId}/v2.0" },
+                ValidIssuers = new[]
+                {
+                    $"https://login.microsoftonline.com/{tenantId}/v2.0",
+                    $"https://sts.windows.net/{tenantId}/"
+                },

                ValidateAudience = true,
                ValidAudiences = validAudiences,