diff --git a/src/OpenIddict.Core/OpenIddictBuilder.cs b/src/OpenIddict.Core/OpenIddictBuilder.cs
index 93c9beeb..3a7a8430 100644
--- a/src/OpenIddict.Core/OpenIddictBuilder.cs
+++ b/src/OpenIddict.Core/OpenIddictBuilder.cs
@@ -280,14 +280,30 @@ namespace Microsoft.AspNetCore.Builder {
///
/// Registers a new ephemeral key used to sign the tokens issued by OpenIddict: the key
/// is discarded when the application shuts down and tokens signed using this key are
- /// automatically invalidated. This method should only be used during development:
- /// on production, using a X.509 certificate stored in the machine store is recommended.
+ /// automatically invalidated. This method should only be used during development.
+ /// On production, using a X.509 certificate stored in the machine store is recommended.
///
/// The .
public virtual OpenIddictBuilder AddEphemeralSigningKey() {
return Configure(options => options.SigningCredentials.AddEphemeralKey());
}
+ ///
+ /// Registers a new ephemeral key used to sign the tokens issued by OpenIddict: the key
+ /// is discarded when the application shuts down and tokens signed using this key are
+ /// automatically invalidated. This method should only be used during development.
+ /// On production, using a X.509 certificate stored in the machine store is recommended.
+ ///
+ /// The algorithm associated with the signing key.
+ /// The .
+ public virtual OpenIddictBuilder AddEphemeralSigningKey([NotNull] string algorithm) {
+ if (string.IsNullOrEmpty(algorithm)) {
+ throw new ArgumentException("The algorithm cannot be null or empty.", nameof(algorithm));
+ }
+
+ return Configure(options => options.SigningCredentials.AddEphemeralKey(algorithm));
+ }
+
///
/// Registers a that is used to sign the tokens issued by OpenIddict.
///