When using IdentityServer 5 (aka Duende IdentityServer), you don't need to use UseDeveloperSigningCredentials() anymore as it is now enabled by default.
services.AddIdentityServer().AddInMemoryClients(new List<Client>()).AddInMemoryIdentityResources(new List<IdentityResource>()).AddInMemoryApiResources(new List<ApiResource>()).AddInMemoryApiScopes(new List<ApiScope>()).AddTestUsers(new List<TestUser>()).AddDeveloperSigningCredential();
❌ Figure: Bad example - you don't need to use .AddDevelopersSigningCredential() anymore
When using version 5, instead of using IdentityServer4.AccessTokenValidation(), you should use the out of the box AddAuthentication(("Bearer").AddJwtBearer("Bearer") from .NET 5
services.AddAuthentication("Bearer").AddIdentityServerAuthentication("Bearer", options =>{options.ApiName = "api1";options.Authority = "https://localhost:5000";});
❌ Figure: Bad example - don't use IdentityServer4.AccessTokenValidation package as it is deprecated.
services.AddAuthentication("Bearer").AddJwtBearer("Bearer", options =>{options.Audience = "api1";options.Authority = "https://localhost:5000";});
✅ Figure: Good example - use AddJwtBearer("Bearer") instead