From 516fe08bff247066ae74f2180088c08b38353a90 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?K=C3=A9vin=20Chalet?= <kevinchalet@gmail.com>
Date: Thu, 26 Jan 2017 17:32:38 +0100
Subject: [PATCH] Update README.md

---
 README.md | 24 +++++++-----------------
 1 file changed, 7 insertions(+), 17 deletions(-)

diff --git a/README.md b/README.md
index d2d9cf80..173fd679 100644
--- a/README.md
+++ b/README.md
@@ -84,8 +84,8 @@ public void ConfigureServices(IServiceCollection services) {
 
     // Register the Identity services.
 	services.AddIdentity<ApplicationUser, IdentityRole>()
-	    .AddEntityFrameworkCoreStores<ApplicationDbContext>()
-	    .AddDefaultTokenProviders();
+        .AddEntityFrameworkCoreStores<ApplicationDbContext>()
+        .AddDefaultTokenProviders();
 
 	// Register the OpenIddict services.
     // Note: use the generic overload if you need
@@ -105,13 +105,8 @@ public void ConfigureServices(IServiceCollection services) {
         // Allow client applications to use the grant_type=password flow.
         .AllowPasswordFlow()
 
-	    // During development, you can disable the HTTPS requirement.
-	    .DisableHttpsRequirement()
-
-        // Register a new ephemeral key, that is discarded when the application
-        // shuts down. Tokens signed using this key are automatically invalidated.
-        // This method should only be used during development.
-        .AddEphemeralSigningKey();
+        // During development, you can disable the HTTPS requirement.
+        .DisableHttpsRequirement();
 }
 ```
 
@@ -175,7 +170,7 @@ The **Mvc.Server sample comes with an [`AuthorizationController` that supports b
 
 ```csharp
 public void ConfigureServices(IServiceCollection services) {
-	// Register the OpenIddict services.
+    // Register the OpenIddict services.
     // Note: use the generic overload if you need
     // to replace the default OpenIddict entities.
 	services.AddOpenIddict()
@@ -194,13 +189,8 @@ public void ConfigureServices(IServiceCollection services) {
         // Allow client applications to use the code flow.
         .AllowAuthorizationCodeFlow()
 
-	    // During development, you can disable the HTTPS requirement.
-	    .DisableHttpsRequirement()
-
-        // Register a new ephemeral key, that is discarded when the application
-        // shuts down. Tokens signed using this key are automatically invalidated.
-        // This method should only be used during development.
-        .AddEphemeralSigningKey();
+        // During development, you can disable the HTTPS requirement.
+        .DisableHttpsRequirement();
 }
 ```