How can I use OrchareCore OpenId as an Authorization Server ?.

[hung-doan]

My scenario. I have two site:

• cms.abc.com: as a identity server, which uses OrchardCore CMS to issue an JWT token
• api.abc.com: is the resource server, which will receive requests from the clients within the JWT Bearer Token that was issued by the CMS.

In the documentation, https://docs.orchardcore.net/en/dev/docs/reference/modules/OpenId/#token-validation
It gives a quick summary of Validates tokens issued by the Orchard OpenID server.
But It doesn't guide us:

• How to configure the CMS
• and how can I configure my "api.abc.com" to validate token that was issued by the CMS (which is the most importance)

I tried to use the JwtBearer package & borrow the idea from the Identity Server here: https://docs.identityserver.io/en/3.1.0/topics/apis.html.

        services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
            .AddJwtBearer(options =>
            {
                // base-address of your identityserver
                options.Authority = "cms.abc.com";

                // name of the API resource
                options.Audience = "api1";
            });

However, It doesn't work.
I'm taking a look at the openiddict.

But I would be great if there is any guide, documentation or direction for this case.