IdentityServer icon indicating copy to clipboard operation
IdentityServer copied to clipboard
verified publisher icon DuendeSoftware

IdentityServer Error LogLevel

Open ruudhe opened this issue 1 year ago • 1 comments

Which version of Duende IdentityServer are you using? IdentityServer 7.0.3 BFF 2.2.0

Which version of .NET are you using? net8.0

Describe the bug On a high volume public facing deployment our logs are spammed with IdentityServer Errors which are generated by security scans or wrong user input. The validators used in identityserver are logging all invalid requests as an Error, for example:

AuthorizeRequestValidator https://github.com/DuendeSoftware/IdentityServer/blob/352706997d1ce8a4564a146f1c4a37cd459b724f/src/IdentityServer/Validation/Default/AuthorizeRequestValidator.cs#L160 https://github.com/DuendeSoftware/IdentityServer/blob/352706997d1ce8a4564a146f1c4a37cd459b724f/src/IdentityServer/Validation/Default/AuthorizeRequestValidator.cs#L201 https://github.com/DuendeSoftware/IdentityServer/blob/352706997d1ce8a4564a146f1c4a37cd459b724f/src/IdentityServer/Validation/Default/AuthorizeRequestValidator.cs#L226

ProtectedDataMessageStore https://github.com/DuendeSoftware/IdentityServer/blob/352706997d1ce8a4564a146f1c4a37cd459b724f/src/IdentityServer/Stores/Default/ProtectedDataMessageStore.cs#L62

Expected behavior We would like to request a change that the logging level for these kind of log statements can be configured from Error to Warning so error reporting would not give so much errors due to improper usage / url scanning.

ruudhe avatar Apr 30 '24 08:04 ruudhe