public static void AddWebApi( this IServiceCollection services, ApplicationOptions applicationOptions) { if (!applicationOptions.IsWebApiEnabled()) { return; } services.AddAuthorization(options => { options.AddScopePolicies <ApiController>( applicationOptions.PublicUrl, assembly: typeof(Startup).GetTypeInfo().Assembly, fromReferenced: true ); }); services .AddAuthentication() .AddIdentityServerAuthentication(options => { options.Authority = applicationOptions.PublicUrl; options.RequireHttpsMetadata = applicationOptions ?.PublicUrl.IndexOf("https") > -1; options.ApiName = "idbase"; options.ApiSecret = applicationOptions.ApiSecret; }); }