Introduce new SetSigningKey() overloads in the Apple provider to make importing PEM-encoded keys easier

Directory.Build.targets

@@ -83,6 +83,7 @@
     Condition=" ('$(TargetFrameworkIdentifier)' == '.NETCoreApp' And $([MSBuild]::VersionGreaterThanOrEquals($(TargetFrameworkVersion), '5.0'))) ">
     <DefineConstants>$(DefineConstants);SUPPORTS_MULTIPLE_VALUES_IN_QUERYHELPERS</DefineConstants>
     <DefineConstants>$(DefineConstants);SUPPORTS_HTTP_CLIENT_DEFAULT_REQUEST_VERSION_POLICY</DefineConstants>
+    <DefineConstants>$(DefineConstants);SUPPORTS_PEM_ENCODED_KEY_IMPORT</DefineConstants>
   </PropertyGroup>
 
   <PropertyGroup

gen/OpenIddict.Client.WebIntegration.Generators/OpenIddictClientWebIntegrationGenerator.cs

@@ -67,7 +67,7 @@ public partial class OpenIddictClientWebIntegrationBuilder
     /// </summary>
     {{~ end ~}}
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref=""OpenIddictClientWebIntegrationBuilder.{{ provider.name }}""/>.</returns>
+    /// <returns>The <see cref=""OpenIddictClientWebIntegrationBuilder.{{ provider.name }}""/> instance.</returns>
     public OpenIddictClientWebIntegrationBuilder.{{ provider.name }} Use{{ provider.name }}()
     {
         // Note: TryAddEnumerable() is used here to ensure the initializers are registered only once.
@@ -90,7 +90,7 @@ public partial class OpenIddictClientWebIntegrationBuilder
     {{~ end ~}}
     /// <remarks>This extension can be safely called multiple times.</remarks>
     /// <param name=""configuration"">The delegate used to configure the OpenIddict/{{ provider.name }} options.</param>
-    /// <returns>The <see cref=""OpenIddictClientWebIntegrationBuilder""/>.</returns>
+    /// <returns>The <see cref=""OpenIddictClientWebIntegrationBuilder""/> instance.</returns>
     public OpenIddictClientWebIntegrationBuilder Use{{ provider.name }}(Action<OpenIddictClientWebIntegrationBuilder.{{ provider.name }}> configuration)
     {
         if (configuration is null)
@@ -108,7 +108,7 @@ public partial class OpenIddictClientWebIntegrationBuilder
     /// <summary>
     /// Exposes the necessary methods required to configure the {{ provider.name }} integration.
     /// </summary>
-    public class {{ provider.name }}
+    public partial class {{ provider.name }}
     {
         /// <summary>
         /// Initializes a new instance of <see cref=""OpenIddictClientWebIntegrationBuilder.{{ provider.name }}""/>.
@@ -128,7 +128,7 @@ public partial class OpenIddictClientWebIntegrationBuilder
         /// </summary>
         /// <param name=""configuration"">The delegate used to configure the OpenIddict options.</param>
         /// <remarks>This extension can be safely called multiple times.</remarks>
-        /// <returns>The <see cref=""OpenIddictClientWebIntegrationBuilder.{{ provider.name }}""/>.</returns>
+        /// <returns>The <see cref=""OpenIddictClientWebIntegrationBuilder.{{ provider.name }}""/> instance.</returns>
         public {{ provider.name }} Configure(Action<OpenIddictClientWebIntegrationOptions.{{ provider.name }}> configuration)
         {
             if (configuration is null)
@@ -145,7 +145,7 @@ public partial class OpenIddictClientWebIntegrationBuilder
         /// Sets the client identifier.
         /// </summary>
         /// <param name=""identifier"">The client identifier.</param>
-        /// <returns>The <see cref=""OpenIddictClientWebIntegrationBuilder.{{ provider.name }}""/>.</returns>
+        /// <returns>The <see cref=""OpenIddictClientWebIntegrationBuilder.{{ provider.name }}""/> instance.</returns>
         public {{ provider.name }} SetClientId(string identifier)
         {
             if (string.IsNullOrEmpty(identifier))
@@ -160,7 +160,7 @@ public partial class OpenIddictClientWebIntegrationBuilder
         /// Sets the client secret, if applicable.
         /// </summary>
         /// <param name=""secret"">The client secret.</param>
-        /// <returns>The <see cref=""OpenIddictClientWebIntegrationBuilder.{{ provider.name }}""/>.</returns>
+        /// <returns>The <see cref=""OpenIddictClientWebIntegrationBuilder.{{ provider.name }}""/> instance.</returns>
         public {{ provider.name }} SetClientSecret(string secret)
         {
             if (string.IsNullOrEmpty(secret))
@@ -175,7 +175,7 @@ public partial class OpenIddictClientWebIntegrationBuilder
         /// Sets the redirection URI, if applicable.
         /// </summary>
         /// <param name=""address"">The redirection URI.</param>
-        /// <returns>The <see cref=""OpenIddictClientWebIntegrationBuilder.{{ provider.name }}""/>.</returns>
+        /// <returns>The <see cref=""OpenIddictClientWebIntegrationBuilder.{{ provider.name }}""/> instance.</returns>
         public {{ provider.name }} SetRedirectUri(Uri address)
         {
             if (address is null)
@@ -190,7 +190,7 @@ public partial class OpenIddictClientWebIntegrationBuilder
         /// Sets the redirection URI, if applicable.
         /// </summary>
         /// <param name=""address"">The redirection URI.</param>
-        /// <returns>The <see cref=""OpenIddictClientWebIntegrationBuilder.{{ provider.name }}""/>.</returns>
+        /// <returns>The <see cref=""OpenIddictClientWebIntegrationBuilder.{{ provider.name }}""/> instance.</returns>
         public {{ provider.name }} SetRedirectUri(string address)
         {
             if (string.IsNullOrEmpty(address))
@@ -210,7 +210,7 @@ public partial class OpenIddictClientWebIntegrationBuilder
         /// Adds one or more scopes to the list of requested scopes, if applicable.
         /// </summary>
         /// <param name=""scopes"">The scopes.</param>
-        /// <returns>The <see cref=""OpenIddictClientWebIntegrationBuilder.{{ provider.name }}""/>.</returns>
+        /// <returns>The <see cref=""OpenIddictClientWebIntegrationBuilder.{{ provider.name }}""/> instance.</returns>
         public {{ provider.name }} AddScopes(params string[] scopes)
         {
             if (scopes is null)
@@ -225,7 +225,7 @@ public partial class OpenIddictClientWebIntegrationBuilder
         /// <summary>
         /// Configures the provider to use the ""{{ environment.name }}"" environment.
         /// </summary>
-        /// <returns>The <see cref=""OpenIddictClientWebIntegrationBuilder.{{ provider.name }}""/>.</returns>
+        /// <returns>The <see cref=""OpenIddictClientWebIntegrationBuilder.{{ provider.name }}""/> instance.</returns>
         public {{ provider.name }} Use{{ environment.name }}Environment()
             => Configure(options => options.Environment = OpenIddictClientWebIntegrationConstants.{{ provider.name }}.Environments.{{ environment.name }});
         {{~ end ~}}
@@ -237,11 +237,25 @@ public partial class OpenIddictClientWebIntegrationBuilder
         /// </summary>
         {{~ end ~}}
         {{~ if setting.collection ~}}
-        public {{ provider.name }} Add{{ setting.name }}(params {{ setting.clr_type }}[] values)
-            => Configure(options => options.{{ setting.name }}.UnionWith(values));
+        public {{ provider.name }} Add{{ setting.property_name }}(params {{ setting.clr_type }}[] {{ setting.parameter_name }})
+        {
+            if ({{ setting.parameter_name }} is null)
+            {
+                throw new ArgumentNullException(nameof({{ setting.parameter_name }}));
+            }
+
+            return Configure(options => options.{{ setting.property_name }}.UnionWith({{ setting.parameter_name }}));
+        }
         {{~ else ~}}
-        public {{ provider.name }} Set{{ setting.name }}({{ setting.clr_type }}? value)
-            => Configure(options => options.{{ setting.name }} = value);
+        public {{ provider.name }} Set{{ setting.property_name }}({{ setting.clr_type }} {{ setting.parameter_name }})
+        {
+            if ({{ setting.parameter_name }} is null)
+            {
+                throw new ArgumentNullException(nameof({{ setting.parameter_name }}));
+            }
+
+            return Configure(options => options.{{ setting.property_name }} = {{ setting.parameter_name }});
+        }
         {{~ end ~}}
 
         {{~ end ~}}
@@ -277,7 +291,9 @@ public partial class OpenIddictClientWebIntegrationBuilder
 
                             Settings = provider.Elements("Setting").Select(setting => new
                             {
-                                Name = (string) setting.Attribute("Name"),
+                                PropertyName = (string) setting.Attribute("PropertyName"),
+                                ParameterName = (string) setting.Attribute("ParameterName"),
+
                                 Collection = (bool?) setting.Attribute("Collection") ?? false,
                                 Description = (string) setting.Attribute("Description") is string description ?
                                     char.ToLower(description[0], CultureInfo.GetCultureInfo("en-US")) + description.Substring(1) : null,
@@ -404,12 +420,12 @@ public partial class OpenIddictClientWebIntegrationConfiguration
             {{~ for setting in provider.settings ~}}
             {{~ if setting.required ~}}
             {{~ if setting.type == 'String' ~}} 
-            if (string.IsNullOrEmpty(options.{{ setting.name }}))
+            if (string.IsNullOrEmpty(options.{{ setting.property_name }}))
             {{~ else ~}}
-            if (options.{{ setting.name }} is null)
+            if (options.{{ setting.property_name }} is null)
             {{~ end ~}}
             {
-                throw new InvalidOperationException(SR.FormatID0332(nameof(options.{{ setting.name }}), Providers.{{ provider.name }}));
+                throw new InvalidOperationException(SR.FormatID0332(nameof(options.{{ setting.property_name }}), Providers.{{ provider.name }}));
             }
             {{~ end ~}}
             {{~ end ~}}
@@ -436,20 +452,20 @@ public partial class OpenIddictClientWebIntegrationConfiguration
 
             {{~ for setting in provider.settings ~}}
             {{~ if setting.default_value && setting.type == 'String' ~}} 
-            if (string.IsNullOrEmpty(options.{{ setting.name }}))
+            if (string.IsNullOrEmpty(options.{{ setting.property_name }}))
             {
-                options.{{ setting.name }} = ""{{ setting.default_value }}"";
+                options.{{ setting.property_name }} = ""{{ setting.default_value }}"";
             }
             {{~ end ~}}
             {{~ end ~}}
 
             {{~ for setting in provider.settings ~}}
             {{~ if setting.collection ~}}
-            if (options.{{ setting.name }}.Count is 0)
+            if (options.{{ setting.property_name }}.Count is 0)
             {
                 {{~ for item in setting.collection_items ~}}
                 {{~ if item.default && !item.required ~}}
-                options.{{ setting.name }}.Add(""{{ item.value }}"");
+                options.{{ setting.property_name }}.Add(""{{ item.value }}"");
                 {{~ end ~}}
                 {{~ end ~}}
             }
@@ -457,7 +473,7 @@ public partial class OpenIddictClientWebIntegrationConfiguration
 
             {{~ for item in setting.collection_items ~}}
             {{~ if item.required ~}}
-            options.{{ setting.name }}.Add(""{{ item.value }}"");
+            options.{{ setting.property_name }}.Add(""{{ item.value }}"");
             {{~ end ~}}
             {{~ end ~}}
             {{~ end ~}}
@@ -565,7 +581,7 @@ public partial class OpenIddictClientWebIntegrationConfiguration
                 {
                     {{~ for setting in provider.settings ~}}
                     {{~ if setting.type == 'EncryptionKey' ~}}
-                    new EncryptingCredentials(settings.{{ setting.name }}, ""{{ setting.encryption_algorithm }}"", SecurityAlgorithms.Aes256CbcHmacSha512),
+                    new EncryptingCredentials(settings.{{ setting.property_name }}, ""{{ setting.encryption_algorithm }}"", SecurityAlgorithms.Aes256CbcHmacSha512),
                     {{~ end ~}}
                     {{~ end ~}}
                 },
@@ -574,7 +590,7 @@ public partial class OpenIddictClientWebIntegrationConfiguration
                 {
                     {{~ for setting in provider.settings ~}}
                     {{~ if setting.type == 'SigningKey' ~}}
-                    new SigningCredentials(settings.{{ setting.name }}, ""{{ setting.signing_algorithm }}""),
+                    new SigningCredentials(settings.{{ setting.property_name }}, ""{{ setting.signing_algorithm }}""),
                     {{~ end ~}}
                     {{~ end ~}}
                 },
@@ -675,7 +691,8 @@ public partial class OpenIddictClientWebIntegrationConfiguration
 
                             Settings = provider.Elements("Setting").Select(setting => new
                             {
-                                Name = (string) setting.Attribute("Name"),
+                                PropertyName = (string) setting.Attribute("PropertyName"),
+
                                 Type = (string) setting.Attribute("Type"),
                                 Required = (bool?) setting.Attribute("Required") ?? false,
                                 Collection = (bool?) setting.Attribute("Collection") ?? false,
@@ -785,9 +802,9 @@ public partial class OpenIddictClientWebIntegrationOptions
         /// </summary>
         {{~ end ~}}
         {{~ if setting.collection ~}}
-        public HashSet<{{ setting.clr_type }}> {{ setting.name }} { get; } = new();
+        public HashSet<{{ setting.clr_type }}> {{ setting.property_name }} { get; } = new();
         {{~ else ~}}
-        public {{ setting.clr_type }}? {{ setting.name }} { get; set; }
+        public {{ setting.clr_type }}? {{ setting.property_name }} { get; set; }
         {{~ end ~}}
 
         {{~ end ~}}
@@ -804,7 +821,8 @@ public partial class OpenIddictClientWebIntegrationOptions
 
                             Settings = provider.Elements("Setting").Select(setting => new
                             {
-                                Name = (string) setting.Attribute("Name"),
+                                PropertyName = (string) setting.Attribute("PropertyName"),
+
                                 Collection = (bool?) setting.Attribute("Collection") ?? false,
                                 Description = (string) setting.Attribute("Description") is string description ?
                                     char.ToLower(description[0], CultureInfo.GetCultureInfo("en-US")) + description.Substring(1) : null,

src/OpenIddict.Abstractions/OpenIddictExtensions.cs

@@ -16,7 +16,7 @@ public static class OpenIddictExtensions
     /// </summary>
     /// <param name="services">The services collection.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictBuilder"/> instance.</returns>
     public static OpenIddictBuilder AddOpenIddict(this IServiceCollection services)
     {
         if (services is null)

src/OpenIddict.Abstractions/OpenIddictResources.resx

@@ -1334,6 +1334,9 @@ Alternatively, you can disable the token storage feature by calling 'services.Ad
   <data name="ID0345" xml:space="preserve">
     <value>The product name cannot be null or empty.</value>
   </data>
+  <data name="ID0346" xml:space="preserve">
+    <value>The PEM-encoded key cannot be empty.</value>
+  </data>
   <data name="ID2000" xml:space="preserve">
     <value>The security token is missing.</value>
   </data>

src/OpenIddict.Client.AspNetCore/OpenIddictClientAspNetCoreBuilder.cs

@@ -34,7 +34,7 @@ public class OpenIddictClientAspNetCoreBuilder
     /// </summary>
     /// <param name="configuration">The delegate used to configure the OpenIddict options.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictClientAspNetCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientAspNetCoreBuilder"/> instance.</returns>
     public OpenIddictClientAspNetCoreBuilder Configure(Action<OpenIddictClientAspNetCoreOptions> configuration)
     {
         if (configuration is null)
@@ -53,7 +53,7 @@ public class OpenIddictClientAspNetCoreBuilder
     /// Once validated, the rest of the request processing pipeline is invoked, so that OpenID Connect requests
     /// can be handled at a later stage (in a custom middleware or in a MVC controller, for instance).
     /// </summary>
-    /// <returns>The <see cref="OpenIddictClientAspNetCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientAspNetCoreBuilder"/> instance.</returns>
     public OpenIddictClientAspNetCoreBuilder EnablePostLogoutRedirectionEndpointPassthrough()
         => Configure(options => options.EnablePostLogoutRedirectionEndpointPassthrough = true);
 
@@ -63,7 +63,7 @@ public class OpenIddictClientAspNetCoreBuilder
     /// Once validated, the rest of the request processing pipeline is invoked, so that OpenID Connect requests
     /// can be handled at a later stage (in a custom middleware or in a MVC controller, for instance).
     /// </summary>
-    /// <returns>The <see cref="OpenIddictClientAspNetCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientAspNetCoreBuilder"/> instance.</returns>
     public OpenIddictClientAspNetCoreBuilder EnableRedirectionEndpointPassthrough()
         => Configure(options => options.EnableRedirectionEndpointPassthrough = true);
 
@@ -76,7 +76,7 @@ public class OpenIddictClientAspNetCoreBuilder
     /// <remarks>
     /// Important: the error pass-through mode cannot be used when the status code pages integration is enabled.
     /// </remarks>
-    /// <returns>The <see cref="OpenIddictClientAspNetCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientAspNetCoreBuilder"/> instance.</returns>
     [EditorBrowsable(EditorBrowsableState.Advanced)]
     public OpenIddictClientAspNetCoreBuilder EnableErrorPassthrough()
         => Configure(options => options.EnableErrorPassthrough = true);
@@ -85,7 +85,7 @@ public class OpenIddictClientAspNetCoreBuilder
     /// Enables status code pages integration support. Once enabled, errors
     /// generated by the interactive endpoints can be handled by ASP.NET Core.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictClientAspNetCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientAspNetCoreBuilder"/> instance.</returns>
     public OpenIddictClientAspNetCoreBuilder EnableStatusCodePagesIntegration()
         => Configure(options => options.EnableStatusCodePagesIntegration = true);
 

src/OpenIddict.Client.AspNetCore/OpenIddictClientAspNetCoreExtensions.cs

@@ -21,7 +21,7 @@ public static class OpenIddictClientAspNetCoreExtensions
     /// </summary>
     /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictClientAspNetCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientAspNetCoreBuilder"/> instance.</returns>
     public static OpenIddictClientAspNetCoreBuilder UseAspNetCore(this OpenIddictClientBuilder builder)
     {
         if (builder is null)
@@ -63,7 +63,7 @@ public static class OpenIddictClientAspNetCoreExtensions
     /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
     /// <param name="configuration">The configuration delegate used to configure the client services.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictClientBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientBuilder"/> instance.</returns>
     public static OpenIddictClientBuilder UseAspNetCore(
         this OpenIddictClientBuilder builder, Action<OpenIddictClientAspNetCoreBuilder> configuration)
     {

src/OpenIddict.Client.DataProtection/OpenIddictClientDataProtectionBuilder.cs

@@ -34,7 +34,7 @@ public class OpenIddictClientDataProtectionBuilder
     /// </summary>
     /// <param name="configuration">The delegate used to configure the OpenIddict options.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictClientDataProtectionBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientDataProtectionBuilder"/> instance.</returns>
     public OpenIddictClientDataProtectionBuilder Configure(Action<OpenIddictClientDataProtectionOptions> configuration)
     {
         if (configuration is null)
@@ -52,7 +52,7 @@ public class OpenIddictClientDataProtectionBuilder
     /// instead of relying on the default instance provided by the DI container.
     /// </summary>
     /// <param name="provider">The data protection provider used to create token protectors.</param>
-    /// <returns>The <see cref="OpenIddictClientDataProtectionBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientDataProtectionBuilder"/> instance.</returns>
     public OpenIddictClientDataProtectionBuilder UseDataProtectionProvider(IDataProtectionProvider provider)
     {
         if (provider is null)
@@ -67,7 +67,7 @@ public class OpenIddictClientDataProtectionBuilder
     /// Configures OpenIddict to use a specific formatter instead of relying on the default instance.
     /// </summary>
     /// <param name="formatter">The formatter used to read and write tokens.</param>
-    /// <returns>The <see cref="OpenIddictClientDataProtectionBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientDataProtectionBuilder"/> instance.</returns>
     public OpenIddictClientDataProtectionBuilder UseFormatter(IOpenIddictClientDataProtectionFormatter formatter)
     {
         if (formatter is null)
@@ -81,7 +81,7 @@ public class OpenIddictClientDataProtectionBuilder
     /// <summary>
     /// Configures OpenIddict to use the default token format (JWT) when issuing new state tokens.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictClientDataProtectionBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientDataProtectionBuilder"/> instance.</returns>
     public OpenIddictClientDataProtectionBuilder PreferDefaultStateTokenFormat()
         => Configure(options => options.PreferDefaultStateTokenFormat = true);
 

src/OpenIddict.Client.DataProtection/OpenIddictClientDataProtectionExtensions.cs

@@ -22,7 +22,7 @@ public static class OpenIddictClientDataProtectionExtensions
     /// </summary>
     /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictClientBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientBuilder"/> instance.</returns>
     public static OpenIddictClientDataProtectionBuilder UseDataProtection(this OpenIddictClientBuilder builder)
     {
         if (builder is null)
@@ -56,7 +56,7 @@ public static class OpenIddictClientDataProtectionExtensions
     /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
     /// <param name="configuration">The configuration delegate used to configure the client services.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictClientBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientBuilder"/> instance.</returns>
     public static OpenIddictClientBuilder UseDataProtection(
         this OpenIddictClientBuilder builder, Action<OpenIddictClientDataProtectionBuilder> configuration)
     {

src/OpenIddict.Client.Owin/OpenIddictClientOwinBuilder.cs

@@ -34,7 +34,7 @@ public class OpenIddictClientOwinBuilder
     /// </summary>
     /// <param name="configuration">The delegate used to configure the OpenIddict options.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictClientOwinBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientOwinBuilder"/> instance.</returns>
     public OpenIddictClientOwinBuilder Configure(Action<OpenIddictClientOwinOptions> configuration)
     {
         if (configuration is null)
@@ -53,7 +53,7 @@ public class OpenIddictClientOwinBuilder
     /// Once validated, the rest of the request processing pipeline is invoked, so that OpenID Connect requests
     /// can be handled at a later stage (in a custom middleware or in a MVC controller, for instance).
     /// </summary>
-    /// <returns>The <see cref="OpenIddictClientOwinBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientOwinBuilder"/> instance.</returns>
     public OpenIddictClientOwinBuilder EnablePostLogoutRedirectionEndpointPassthrough()
         => Configure(options => options.EnablePostLogoutRedirectionEndpointPassthrough = true);
 
@@ -63,7 +63,7 @@ public class OpenIddictClientOwinBuilder
     /// Once validated, the rest of the request processing pipeline is invoked, so that OpenID Connect requests
     /// can be handled at a later stage (in a custom middleware or in a MVC controller, for instance).
     /// </summary>
-    /// <returns>The <see cref="OpenIddictClientOwinBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientOwinBuilder"/> instance.</returns>
     public OpenIddictClientOwinBuilder EnableRedirectionEndpointPassthrough()
         => Configure(options => options.EnableRedirectionEndpointPassthrough = true);
 
@@ -76,7 +76,7 @@ public class OpenIddictClientOwinBuilder
     /// <remarks>
     /// Important: the error pass-through mode cannot be used when the status code pages integration is enabled.
     /// </remarks>
-    /// <returns>The <see cref="OpenIddictClientOwinBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientOwinBuilder"/> instance.</returns>
     [EditorBrowsable(EditorBrowsableState.Advanced)]
     public OpenIddictClientOwinBuilder EnableErrorPassthrough()
         => Configure(options => options.EnableErrorPassthrough = true);

src/OpenIddict.Client.Owin/OpenIddictClientOwinExtensions.cs

@@ -21,7 +21,7 @@ public static class OpenIddictClientOwinExtensions
     /// </summary>
     /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictClientOwinBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientOwinBuilder"/> instance.</returns>
     public static OpenIddictClientOwinBuilder UseOwin(this OpenIddictClientBuilder builder)
     {
         if (builder is null)
@@ -63,7 +63,7 @@ public static class OpenIddictClientOwinExtensions
     /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
     /// <param name="configuration">The configuration delegate used to configure the client services.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictClientBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientBuilder"/> instance.</returns>
     public static OpenIddictClientBuilder UseOwin(
         this OpenIddictClientBuilder builder, Action<OpenIddictClientOwinBuilder> configuration)
     {

src/OpenIddict.Client.Owin/OpenIddictClientOwinHelpers.cs

@@ -20,7 +20,7 @@ public static class OpenIddictClientOwinHelpers
     /// middleware resolution (like Autofac), calling this method is NOT recommended.
     /// </summary>
     /// <param name="app">The application builder used to register middleware instances.</param>
-    /// <returns>The <see cref="IAppBuilder"/>.</returns>
+    /// <returns>The <see cref="IAppBuilder"/> instance.</returns>
     public static IAppBuilder UseOpenIddictClient(this IAppBuilder app)
     {
         if (app is null)

src/OpenIddict.Client.SystemNetHttp/OpenIddictClientSystemNetHttpBuilder.cs

@@ -35,7 +35,7 @@ public class OpenIddictClientSystemNetHttpBuilder
     /// </summary>
     /// <param name="configuration">The delegate used to configure the OpenIddict options.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictClientSystemNetHttpBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientSystemNetHttpBuilder"/> instance.</returns>
     public OpenIddictClientSystemNetHttpBuilder Configure(Action<OpenIddictClientSystemNetHttpOptions> configuration)
     {
         if (configuration is null)
@@ -52,7 +52,7 @@ public class OpenIddictClientSystemNetHttpBuilder
     /// Replaces the default HTTP error policy used by the OpenIddict client services.
     /// </summary>
     /// <param name="policy">The HTTP Polly error policy.</param>
-    /// <returns>The <see cref="OpenIddictClientSystemNetHttpBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientSystemNetHttpBuilder"/> instance.</returns>
     public OpenIddictClientSystemNetHttpBuilder SetHttpErrorPolicy(IAsyncPolicy<HttpResponseMessage> policy)
     {
         if (policy is null)
@@ -68,7 +68,7 @@ public class OpenIddictClientSystemNetHttpBuilder
     /// to the backchannel HTTP requests sent to the authorization server.
     /// </summary>
     /// <param name="information">The product information.</param>
-    /// <returns>The <see cref="OpenIddictClientSystemNetHttpBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientSystemNetHttpBuilder"/> instance.</returns>
     public OpenIddictClientSystemNetHttpBuilder SetProductInformation(ProductInfoHeaderValue information)
     {
         if (information is null)
@@ -85,7 +85,7 @@ public class OpenIddictClientSystemNetHttpBuilder
     /// </summary>
     /// <param name="name">The product name.</param>
     /// <param name="version">The product version.</param>
-    /// <returns>The <see cref="OpenIddictClientSystemNetHttpBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientSystemNetHttpBuilder"/> instance.</returns>
     public OpenIddictClientSystemNetHttpBuilder SetProductInformation(string name, string? version)
     {
         if (string.IsNullOrEmpty(name))
@@ -102,7 +102,7 @@ public class OpenIddictClientSystemNetHttpBuilder
     /// on the identity of the specified .NET assembly (name and version).
     /// </summary>
     /// <param name="assembly">The assembly from which the product information is created.</param>
-    /// <returns>The <see cref="OpenIddictClientSystemNetHttpBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientSystemNetHttpBuilder"/> instance.</returns>
     public OpenIddictClientSystemNetHttpBuilder SetProductInformation(Assembly assembly)
     {
         if (assembly is null)

src/OpenIddict.Client.SystemNetHttp/OpenIddictClientSystemNetHttpExtensions.cs

@@ -22,7 +22,7 @@ public static class OpenIddictClientSystemNetHttpExtensions
     /// </summary>
     /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictClientBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientBuilder"/> instance.</returns>
     public static OpenIddictClientSystemNetHttpBuilder UseSystemNetHttp(this OpenIddictClientBuilder builder)
     {
         if (builder is null)
@@ -55,7 +55,7 @@ public static class OpenIddictClientSystemNetHttpExtensions
     /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
     /// <param name="configuration">The configuration delegate used to configure the client services.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictBuilder"/> instance.</returns>
     public static OpenIddictClientBuilder UseSystemNetHttp(
         this OpenIddictClientBuilder builder, Action<OpenIddictClientSystemNetHttpBuilder> configuration)
     {

src/OpenIddict.Client.WebIntegration/OpenIddictClientWebIntegrationBuilder.cs

@@ -5,6 +5,8 @@
  */
 
 using System.ComponentModel;
+using System.Security.Cryptography;
+using Microsoft.IdentityModel.Tokens;
 using OpenIddict.Client.WebIntegration;
 
 namespace Microsoft.Extensions.DependencyInjection;
@@ -32,7 +34,7 @@ public partial class OpenIddictClientWebIntegrationBuilder
     /// </summary>
     /// <param name="configuration">The delegate used to configure the OpenIddict options.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictClientWebIntegrationBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientWebIntegrationBuilder"/> instance.</returns>
     public OpenIddictClientWebIntegrationBuilder Configure(Action<OpenIddictClientWebIntegrationOptions> configuration)
     {
         if (configuration is null)
@@ -47,6 +49,60 @@ public partial class OpenIddictClientWebIntegrationBuilder
 
     // Note: provider registration methods are automatically generated by the source generator.
 
+    /// <summary>
+    /// Exposes the necessary methods required to configure the Apple integration.
+    /// </summary>
+    public partial class Apple
+    {
+#if SUPPORTS_PEM_ENCODED_KEY_IMPORT
+        /// <summary>
+        /// Configures the Elliptic Curve Digital Signature Algorithm
+        /// (ECDSA) signing key associated with the developer account.
+        /// </summary>
+        /// <param name="key">The PEM-encoded ECDSA signing key.</param>
+        /// <returns>The <see cref="Apple"/> instance.</returns>
+        public Apple SetSigningKey(string key) => SetSigningKey(key.AsMemory());
+
+        /// <summary>
+        /// Configures the Elliptic Curve Digital Signature Algorithm
+        /// (ECDSA) signing key associated with the developer account.
+        /// </summary>
+        /// <param name="key">The PEM-encoded ECDSA signing key.</param>
+        /// <returns>The <see cref="Apple"/> instance.</returns>
+        public Apple SetSigningKey(ReadOnlyMemory<char> key) => SetSigningKey(key.Span);
+
+        /// <summary>
+        /// Configures the Elliptic Curve Digital Signature Algorithm
+        /// (ECDSA) signing key associated with the developer account.
+        /// </summary>
+        /// <param name="key">The PEM-encoded ECDSA signing key.</param>
+        /// <returns>The <see cref="Apple"/> instance.</returns>
+        public Apple SetSigningKey(ReadOnlySpan<char> key)
+        {
+            if (key.IsEmpty)
+            {
+                throw new ArgumentException(SR.GetResourceString(SR.ID0346), nameof(key));
+            }
+
+            var algorithm = ECDsa.Create();
+
+            try
+            {
+                algorithm.ImportFromPem(key);
+            }
+
+            catch
+            {
+                algorithm.Dispose();
+
+                throw;
+            }
+
+            return SetSigningKey(new ECDsaSecurityKey(algorithm));
+        }
+#endif
+    }
+
     /// <inheritdoc/>
     [EditorBrowsable(EditorBrowsableState.Never)]
     public override bool Equals(object? obj) => base.Equals(obj);

src/OpenIddict.Client.WebIntegration/OpenIddictClientWebIntegrationExtensions.cs

@@ -21,7 +21,7 @@ public static class OpenIddictClientWebIntegrationExtensions
     /// </summary>
     /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictClientWebIntegrationBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientWebIntegrationBuilder"/> instance.</returns>
     public static OpenIddictClientWebIntegrationBuilder UseWebProviders(this OpenIddictClientBuilder builder)
     {
         if (builder is null)
@@ -52,7 +52,7 @@ public static class OpenIddictClientWebIntegrationExtensions
     /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
     /// <param name="configuration">The configuration delegate used to configure the validation services.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictClientBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientBuilder"/> instance.</returns>
     public static OpenIddictClientBuilder UseWebProviders(
         this OpenIddictClientBuilder builder, Action<OpenIddictClientWebIntegrationBuilder> configuration)
     {

src/OpenIddict.Client.WebIntegration/OpenIddictClientWebIntegrationProviders.xml

@@ -4,12 +4,12 @@
   <Provider Name="Apple" Documentation="https://developer.apple.com/documentation/sign_in_with_apple/sign_in_with_apple_rest_api">
     <Environment Issuer="https://appleid.apple.com/" />
 
-    <Setting Name="SigningKey" Type="SigningKey" Required="true"
+    <Setting PropertyName="SigningKey" ParameterName="key" Type="SigningKey" Required="true"
              Description="The Elliptic Curve Digital Signature Algorithm (ECDSA) signing key associated with the developer account">
       <SigningAlgorithm Value="ES256" />
     </Setting>
 
-    <Setting Name="TeamId" Type="String" Required="true"
+    <Setting PropertyName="TeamId" ParameterName="identifier" Type="String" Required="true"
              Description="The team ID associated with the developer account" />
   </Provider>
 
@@ -35,7 +35,7 @@
 
     <Environment Issuer="https://login.microsoftonline.com/{tenant}/v2.0" />
 
-    <Setting Name="Tenant" Type="String" Required="false" DefaultValue="common"
+    <Setting PropertyName="Tenant" ParameterName="tenant" Type="String" Required="false" DefaultValue="common"
              Description="The tenant used to identify the Azure AD instance (by default, the common tenant is used)" />
   </Provider>
 
@@ -78,12 +78,12 @@
       <Scope Name="users.read" Default="true" Required="true" />
     </Environment>
 
-    <Setting Name="Expansions" Collection="true" Type="String"
+    <Setting PropertyName="Expansions" ParameterName="expansions" Collection="true" Type="String"
              Description="The list of data objects to expand from the userinfo endpoint (by default, all known expansions are requested)">
       <CollectionItem Value="pinned_tweet_id" Default="true" Required="false" />
     </Setting>
 
-    <Setting Name="TweetFields" Collection="true" Type="String"
+    <Setting PropertyName="TweetFields" ParameterName="fields" Collection="true" Type="String"
              Description="The tweet fields that should be retrieved from the userinfo endpoint (by default, all known tweet fields are requested)">
       <CollectionItem Value="attachments"         Default="true" Required="false" />
       <CollectionItem Value="author_id"           Default="true" Required="false" />
@@ -107,7 +107,7 @@
       <CollectionItem Value="withheld"            Default="true" Required="false" />
     </Setting>
 
-    <Setting Name="UserFields" Collection="true" Type="String"
+    <Setting PropertyName="UserFields" ParameterName="fields" Collection="true" Type="String"
              Description="The user fields that should be retrieved from the userinfo endpoint (by default, all known user fields are requested)">
       <CollectionItem Value="created_at"      Default="true" Required="false" />
       <CollectionItem Value="description"     Default="true" Required="false" />

src/OpenIddict.Client.WebIntegration/OpenIddictClientWebIntegrationProviders.xsd

@@ -329,9 +329,9 @@
                     </xs:element>
                   </xs:sequence>
 
-                  <xs:attribute name="Name" use="required">
+                  <xs:attribute name="PropertyName" use="required">
                     <xs:annotation>
-                      <xs:documentation>The setting name.</xs:documentation>
+                      <xs:documentation>The name of the property used to reference the setting in the options class.</xs:documentation>
                     </xs:annotation>
 
                     <xs:simpleType>
@@ -341,6 +341,18 @@
                     </xs:simpleType>
                   </xs:attribute>
 
+                  <xs:attribute name="ParameterName" use="required">
+                    <xs:annotation>
+                      <xs:documentation>The name of the parameter used to reference the setting in the builder methods.</xs:documentation>
+                    </xs:annotation>
+
+                    <xs:simpleType>
+                      <xs:restriction base="xs:string">
+                        <xs:pattern value="^[a-z][a-zA-Z0-9]*$" />
+                      </xs:restriction>
+                    </xs:simpleType>
+                  </xs:attribute>
+
                   <xs:attribute name="Collection" use="optional">
                     <xs:annotation>
                       <xs:documentation>A boolean indicating whether the setting is a collection.</xs:documentation>

src/OpenIddict.Client/OpenIddictClientBuilder.cs

@@ -39,7 +39,7 @@ public class OpenIddictClientBuilder
     /// </summary>
     /// <typeparam name="TContext">The event context type.</typeparam>
     /// <param name="configuration">The configuration delegate.</param>
-    /// <returns>The <see cref="OpenIddictClientBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientBuilder"/> instance.</returns>
     [EditorBrowsable(EditorBrowsableState.Advanced)]
     public OpenIddictClientBuilder AddEventHandler<TContext>(
         Action<OpenIddictClientHandlerDescriptor.Builder<TContext>> configuration)
@@ -63,7 +63,7 @@ public class OpenIddictClientBuilder
     /// Registers an event handler using the specified descriptor.
     /// </summary>
     /// <param name="descriptor">The handler descriptor.</param>
-    /// <returns>The <see cref="OpenIddictClientBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientBuilder"/> instance.</returns>
     [EditorBrowsable(EditorBrowsableState.Advanced)]
     public OpenIddictClientBuilder AddEventHandler(OpenIddictClientHandlerDescriptor descriptor)
     {
@@ -82,7 +82,7 @@ public class OpenIddictClientBuilder
     /// Removes the event handler that matches the specified descriptor.
     /// </summary>
     /// <param name="descriptor">The descriptor corresponding to the handler to remove.</param>
-    /// <returns>The <see cref="OpenIddictClientBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientBuilder"/> instance.</returns>
     [EditorBrowsable(EditorBrowsableState.Advanced)]
     public OpenIddictClientBuilder RemoveEventHandler(OpenIddictClientHandlerDescriptor descriptor)
     {
@@ -112,7 +112,7 @@ public class OpenIddictClientBuilder
     /// </summary>
     /// <param name="configuration">The delegate used to configure the OpenIddict options.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictClientBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientBuilder"/> instance.</returns>
     public OpenIddictClientBuilder Configure(Action<OpenIddictClientOptions> configuration)
     {
         if (configuration is null)
@@ -129,7 +129,7 @@ public class OpenIddictClientBuilder
     /// Registers encryption credentials.
     /// </summary>
     /// <param name="credentials">The encrypting credentials.</param>
-    /// <returns>The <see cref="OpenIddictClientBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientBuilder"/> instance.</returns>
     public OpenIddictClientBuilder AddEncryptionCredentials(EncryptingCredentials credentials)
     {
         if (credentials is null)
@@ -144,7 +144,7 @@ public class OpenIddictClientBuilder
     /// Registers an encryption key.
     /// </summary>
     /// <param name="key">The security key.</param>
-    /// <returns>The <see cref="OpenIddictClientBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientBuilder"/> instance.</returns>
     public OpenIddictClientBuilder AddEncryptionKey(SecurityKey key)
     {
         if (key is null)
@@ -182,7 +182,7 @@ public class OpenIddictClientBuilder
     /// <summary>
     /// Registers (and generates if necessary) a user-specific development encryption certificate.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictClientBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientBuilder"/> instance.</returns>
     public OpenIddictClientBuilder AddDevelopmentEncryptionCertificate()
         => AddDevelopmentEncryptionCertificate(new X500DistinguishedName("CN=OpenIddict Client Encryption Certificate"));
 
@@ -190,7 +190,7 @@ public class OpenIddictClientBuilder
     /// Registers (and generates if necessary) a user-specific development encryption certificate.
     /// </summary>
     /// <param name="subject">The subject name associated with the certificate.</param>
-    /// <returns>The <see cref="OpenIddictClientBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientBuilder"/> instance.</returns>
     [SuppressMessage("Reliability", "CA2000:Dispose objects before losing scope",
         Justification = "The X.509 certificate is attached to the client options.")]
     public OpenIddictClientBuilder AddDevelopmentEncryptionCertificate(X500DistinguishedName subject)
@@ -269,7 +269,7 @@ public class OpenIddictClientBuilder
     /// automatically invalidated. This method should only be used during development.
     /// On production, using a X.509 certificate stored in the machine store is recommended.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictClientBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientBuilder"/> instance.</returns>
     public OpenIddictClientBuilder AddEphemeralEncryptionKey()
         => AddEphemeralEncryptionKey(SecurityAlgorithms.RsaOAEP);
 
@@ -280,7 +280,7 @@ public class OpenIddictClientBuilder
     /// On production, using a X.509 certificate stored in the machine store is recommended.
     /// </summary>
     /// <param name="algorithm">The algorithm associated with the encryption key.</param>
-    /// <returns>The <see cref="OpenIddictClientBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientBuilder"/> instance.</returns>
     public OpenIddictClientBuilder AddEphemeralEncryptionKey(string algorithm)
     {
         if (string.IsNullOrEmpty(algorithm))
@@ -353,7 +353,7 @@ public class OpenIddictClientBuilder
     /// Registers an encryption certificate.
     /// </summary>
     /// <param name="certificate">The encryption certificate.</param>
-    /// <returns>The <see cref="OpenIddictClientBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientBuilder"/> instance.</returns>
     public OpenIddictClientBuilder AddEncryptionCertificate(X509Certificate2 certificate)
     {
         if (certificate is null)
@@ -386,7 +386,7 @@ public class OpenIddictClientBuilder
     /// <param name="assembly">The assembly containing the certificate.</param>
     /// <param name="resource">The name of the embedded resource.</param>
     /// <param name="password">The password used to open the certificate.</param>
-    /// <returns>The <see cref="OpenIddictClientBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientBuilder"/> instance.</returns>
     public OpenIddictClientBuilder AddEncryptionCertificate(Assembly assembly, string resource, string? password)
 #if SUPPORTS_EPHEMERAL_KEY_SETS
         // Note: ephemeral key sets are currently not supported on macOS.
@@ -404,7 +404,7 @@ public class OpenIddictClientBuilder
     /// <param name="resource">The name of the embedded resource.</param>
     /// <param name="password">The password used to open the certificate.</param>
     /// <param name="flags">An enumeration of flags indicating how and where to store the private key of the certificate.</param>
-    /// <returns>The <see cref="OpenIddictClientBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientBuilder"/> instance.</returns>
     public OpenIddictClientBuilder AddEncryptionCertificate(
         Assembly assembly, string resource,
         string? password, X509KeyStorageFlags flags)
@@ -430,7 +430,7 @@ public class OpenIddictClientBuilder
     /// </summary>
     /// <param name="stream">The stream containing the certificate.</param>
     /// <param name="password">The password used to open the certificate.</param>
-    /// <returns>The <see cref="OpenIddictClientBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientBuilder"/> instance.</returns>
     public OpenIddictClientBuilder AddEncryptionCertificate(Stream stream, string? password)
 #if SUPPORTS_EPHEMERAL_KEY_SETS
         // Note: ephemeral key sets are currently not supported on macOS.
@@ -450,7 +450,7 @@ public class OpenIddictClientBuilder
     /// An enumeration of flags indicating how and where
     /// to store the private key of the certificate.
     /// </param>
-    /// <returns>The <see cref="OpenIddictClientBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientBuilder"/> instance.</returns>
     [SuppressMessage("Reliability", "CA2000:Dispose objects before losing scope",
         Justification = "The X.509 certificate is attached to the client options.")]
     public OpenIddictClientBuilder AddEncryptionCertificate(Stream stream, string? password, X509KeyStorageFlags flags)
@@ -470,7 +470,7 @@ public class OpenIddictClientBuilder
     /// Registers an encryption certificate retrieved from the X.509 user or machine store.
     /// </summary>
     /// <param name="thumbprint">The thumbprint of the certificate used to identify it in the X.509 store.</param>
-    /// <returns>The <see cref="OpenIddictClientBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientBuilder"/> instance.</returns>
     public OpenIddictClientBuilder AddEncryptionCertificate(string thumbprint)
     {
         if (string.IsNullOrEmpty(thumbprint))
@@ -500,7 +500,7 @@ public class OpenIddictClientBuilder
     /// <param name="thumbprint">The thumbprint of the certificate used to identify it in the X.509 store.</param>
     /// <param name="name">The name of the X.509 store.</param>
     /// <param name="location">The location of the X.509 store.</param>
-    /// <returns>The <see cref="OpenIddictClientBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientBuilder"/> instance.</returns>
     public OpenIddictClientBuilder AddEncryptionCertificate(string thumbprint, StoreName name, StoreLocation location)
     {
         if (string.IsNullOrEmpty(thumbprint))
@@ -521,7 +521,7 @@ public class OpenIddictClientBuilder
     /// Registers signing credentials.
     /// </summary>
     /// <param name="credentials">The signing credentials.</param>
-    /// <returns>The <see cref="OpenIddictClientBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientBuilder"/> instance.</returns>
     public OpenIddictClientBuilder AddSigningCredentials(SigningCredentials credentials)
     {
         if (credentials is null)
@@ -536,7 +536,7 @@ public class OpenIddictClientBuilder
     /// Registers a signing key.
     /// </summary>
     /// <param name="key">The security key.</param>
-    /// <returns>The <see cref="OpenIddictClientBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientBuilder"/> instance.</returns>
     public OpenIddictClientBuilder AddSigningKey(SecurityKey key)
     {
         if (key is null)
@@ -592,7 +592,7 @@ public class OpenIddictClientBuilder
     /// <summary>
     /// Registers (and generates if necessary) a user-specific development signing certificate.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictClientBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientBuilder"/> instance.</returns>
     public OpenIddictClientBuilder AddDevelopmentSigningCertificate()
         => AddDevelopmentSigningCertificate(new X500DistinguishedName("CN=OpenIddict Client Signing Certificate"));
 
@@ -600,7 +600,7 @@ public class OpenIddictClientBuilder
     /// Registers (and generates if necessary) a user-specific development signing certificate.
     /// </summary>
     /// <param name="subject">The subject name associated with the certificate.</param>
-    /// <returns>The <see cref="OpenIddictClientBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientBuilder"/> instance.</returns>
     [SuppressMessage("Reliability", "CA2000:Dispose objects before losing scope",
         Justification = "The X.509 certificate is attached to the client options.")]
     public OpenIddictClientBuilder AddDevelopmentSigningCertificate(X500DistinguishedName subject)
@@ -679,7 +679,7 @@ public class OpenIddictClientBuilder
     /// automatically invalidated. This method should only be used during development.
     /// On production, using a X.509 certificate stored in the machine store is recommended.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictClientBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientBuilder"/> instance.</returns>
     public OpenIddictClientBuilder AddEphemeralSigningKey()
         => AddEphemeralSigningKey(SecurityAlgorithms.RsaSha256);
 
@@ -690,7 +690,7 @@ public class OpenIddictClientBuilder
     /// On production, using a X.509 certificate stored in the machine store is recommended.
     /// </summary>
     /// <param name="algorithm">The algorithm associated with the signing key.</param>
-    /// <returns>The <see cref="OpenIddictClientBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientBuilder"/> instance.</returns>
     [SuppressMessage("Reliability", "CA2000:Dispose objects before losing scope",
         Justification = "The X.509 certificate is attached to the client options.")]
     public OpenIddictClientBuilder AddEphemeralSigningKey(string algorithm)
@@ -781,7 +781,7 @@ public class OpenIddictClientBuilder
     /// Registers a signing certificate.
     /// </summary>
     /// <param name="certificate">The signing certificate.</param>
-    /// <returns>The <see cref="OpenIddictClientBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientBuilder"/> instance.</returns>
     public OpenIddictClientBuilder AddSigningCertificate(X509Certificate2 certificate)
     {
         if (certificate is null)
@@ -814,7 +814,7 @@ public class OpenIddictClientBuilder
     /// <param name="assembly">The assembly containing the certificate.</param>
     /// <param name="resource">The name of the embedded resource.</param>
     /// <param name="password">The password used to open the certificate.</param>
-    /// <returns>The <see cref="OpenIddictClientBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientBuilder"/> instance.</returns>
     public OpenIddictClientBuilder AddSigningCertificate(Assembly assembly, string resource, string? password)
 #if SUPPORTS_EPHEMERAL_KEY_SETS
         // Note: ephemeral key sets are currently not supported on macOS.
@@ -832,7 +832,7 @@ public class OpenIddictClientBuilder
     /// <param name="resource">The name of the embedded resource.</param>
     /// <param name="password">The password used to open the certificate.</param>
     /// <param name="flags">An enumeration of flags indicating how and where to store the private key of the certificate.</param>
-    /// <returns>The <see cref="OpenIddictClientBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientBuilder"/> instance.</returns>
     public OpenIddictClientBuilder AddSigningCertificate(
         Assembly assembly, string resource,
         string? password, X509KeyStorageFlags flags)
@@ -858,7 +858,7 @@ public class OpenIddictClientBuilder
     /// </summary>
     /// <param name="stream">The stream containing the certificate.</param>
     /// <param name="password">The password used to open the certificate.</param>
-    /// <returns>The <see cref="OpenIddictClientBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientBuilder"/> instance.</returns>
     public OpenIddictClientBuilder AddSigningCertificate(Stream stream, string? password)
 #if SUPPORTS_EPHEMERAL_KEY_SETS
         // Note: ephemeral key sets are currently not supported on macOS.
@@ -878,7 +878,7 @@ public class OpenIddictClientBuilder
     /// An enumeration of flags indicating how and where
     /// to store the private key of the certificate.
     /// </param>
-    /// <returns>The <see cref="OpenIddictClientBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientBuilder"/> instance.</returns>
     [SuppressMessage("Reliability", "CA2000:Dispose objects before losing scope",
         Justification = "The X.509 certificate is attached to the client options.")]
     public OpenIddictClientBuilder AddSigningCertificate(Stream stream, string? password, X509KeyStorageFlags flags)
@@ -898,7 +898,7 @@ public class OpenIddictClientBuilder
     /// Registers a signing certificate retrieved from the X.509 user or machine store.
     /// </summary>
     /// <param name="thumbprint">The thumbprint of the certificate used to identify it in the X.509 store.</param>
-    /// <returns>The <see cref="OpenIddictClientBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientBuilder"/> instance.</returns>
     public OpenIddictClientBuilder AddSigningCertificate(string thumbprint)
     {
         if (string.IsNullOrEmpty(thumbprint))
@@ -928,7 +928,7 @@ public class OpenIddictClientBuilder
     /// <param name="thumbprint">The thumbprint of the certificate used to identify it in the X.509 store.</param>
     /// <param name="name">The name of the X.509 store.</param>
     /// <param name="location">The location of the X.509 store.</param>
-    /// <returns>The <see cref="OpenIddictClientBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientBuilder"/> instance.</returns>
     public OpenIddictClientBuilder AddSigningCertificate(string thumbprint, StoreName name, StoreLocation location)
     {
         if (string.IsNullOrEmpty(thumbprint))
@@ -949,7 +949,7 @@ public class OpenIddictClientBuilder
     /// Adds a new client registration.
     /// </summary>
     /// <param name="registration">The client registration.</param>
-    /// <returns>The <see cref="OpenIddictClientBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientBuilder"/> instance.</returns>
     public OpenIddictClientBuilder AddRegistration(OpenIddictClientRegistration registration)
     {
         if (registration is null)
@@ -966,7 +966,7 @@ public class OpenIddictClientBuilder
     /// Using this option is generally NOT recommended as it prevents
     /// the tokens from being revoked (if needed).
     /// </summary>
-    /// <returns>The <see cref="OpenIddictClientBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientBuilder"/> instance.</returns>
     public OpenIddictClientBuilder DisableTokenStorage()
         => Configure(options => options.DisableTokenStorage = true);
 
@@ -981,7 +981,7 @@ public class OpenIddictClientBuilder
     /// see https://datatracker.ietf.org/doc/html/draft-ietf-oauth-security-topics#section-4.4.
     /// </remarks>
     /// <param name="addresses">The addresses associated to the endpoint.</param>
-    /// <returns>The <see cref="OpenIddictClientBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientBuilder"/> instance.</returns>
     public OpenIddictClientBuilder SetRedirectionEndpointUris(params string[] addresses)
     {
         if (addresses is null)
@@ -1003,7 +1003,7 @@ public class OpenIddictClientBuilder
     /// see https://datatracker.ietf.org/doc/html/draft-ietf-oauth-security-topics#section-4.4.
     /// </remarks>
     /// <param name="addresses">The addresses associated to the endpoint.</param>
-    /// <returns>The <see cref="OpenIddictClientBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientBuilder"/> instance.</returns>
     public OpenIddictClientBuilder SetRedirectionEndpointUris(params Uri[] addresses)
     {
         if (addresses is null)
@@ -1033,7 +1033,7 @@ public class OpenIddictClientBuilder
     /// If an empty array is specified, the endpoint will be considered disabled.
     /// </summary>
     /// <param name="addresses">The addresses associated to the endpoint.</param>
-    /// <returns>The <see cref="OpenIddictClientBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientBuilder"/> instance.</returns>
     public OpenIddictClientBuilder SetPostLogoutRedirectionEndpointUris(params string[] addresses)
     {
         if (addresses is null)
@@ -1049,7 +1049,7 @@ public class OpenIddictClientBuilder
     /// If an empty array is specified, the endpoint will be considered disabled.
     /// </summary>
     /// <param name="addresses">The addresses associated to the endpoint.</param>
-    /// <returns>The <see cref="OpenIddictClientBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientBuilder"/> instance.</returns>
     public OpenIddictClientBuilder SetPostLogoutRedirectionEndpointUris(params Uri[] addresses)
     {
         if (addresses is null)
@@ -1081,7 +1081,7 @@ public class OpenIddictClientBuilder
     /// While discouraged, <see langword="null"/> can be specified to issue tokens that never expire.
     /// </summary>
     /// <param name="lifetime">The access token lifetime.</param>
-    /// <returns>The <see cref="OpenIddictClientBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientBuilder"/> instance.</returns>
     public OpenIddictClientBuilder SetClientAssertionTokenLifetime(TimeSpan? lifetime)
         => Configure(options => options.ClientAssertionTokenLifetime = lifetime);
 
@@ -1092,7 +1092,7 @@ public class OpenIddictClientBuilder
     /// While discouraged, <see langword="null"/> can be specified to issue tokens that never expire.
     /// </summary>
     /// <param name="lifetime">The access token lifetime.</param>
-    /// <returns>The <see cref="OpenIddictClientBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientBuilder"/> instance.</returns>
     public OpenIddictClientBuilder SetStateTokenLifetime(TimeSpan? lifetime)
         => Configure(options => options.StateTokenLifetime = lifetime);
 

src/OpenIddict.Client/OpenIddictClientExtensions.cs

@@ -20,7 +20,7 @@ public static class OpenIddictClientExtensions
     /// </summary>
     /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictClientBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictClientBuilder"/> instance.</returns>
     public static OpenIddictClientBuilder AddClient(this OpenIddictBuilder builder)
     {
         if (builder is null)
@@ -78,7 +78,7 @@ public static class OpenIddictClientExtensions
     /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
     /// <param name="configuration">The configuration delegate used to configure the client services.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictBuilder"/> instance.</returns>
     public static OpenIddictBuilder AddClient(this OpenIddictBuilder builder, Action<OpenIddictClientBuilder> configuration)
     {
         if (builder is null)

src/OpenIddict.Core/OpenIddictCoreBuilder.cs

@@ -34,7 +34,7 @@ public class OpenIddictCoreBuilder
     /// </summary>
     /// <param name="configuration">The delegate used to configure the OpenIddict options.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictCoreBuilder"/> instance.</returns>
     public OpenIddictCoreBuilder Configure(Action<OpenIddictCoreOptions> configuration)
     {
         if (configuration is null)
@@ -55,7 +55,7 @@ public class OpenIddictCoreBuilder
     /// </summary>
     /// <typeparam name="TStore">The type of the custom store.</typeparam>
     /// <param name="lifetime">The lifetime of the registered service.</param>
-    /// <returns>The <see cref="OpenIddictCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictCoreBuilder"/> instance.</returns>
     public OpenIddictCoreBuilder AddApplicationStore<TStore>(ServiceLifetime lifetime = ServiceLifetime.Scoped)
         where TStore : class
         => AddApplicationStore(typeof(TStore), lifetime);
@@ -68,7 +68,7 @@ public class OpenIddictCoreBuilder
     /// </summary>
     /// <param name="type">The type of the custom store.</param>
     /// <param name="lifetime">The lifetime of the registered service.</param>
-    /// <returns>The <see cref="OpenIddictCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictCoreBuilder"/> instance.</returns>
     public OpenIddictCoreBuilder AddApplicationStore(Type type, ServiceLifetime lifetime = ServiceLifetime.Scoped)
     {
         if (type is null)
@@ -108,7 +108,7 @@ public class OpenIddictCoreBuilder
     /// </summary>
     /// <typeparam name="TStore">The type of the custom store.</typeparam>
     /// <param name="lifetime">The lifetime of the registered service.</param>
-    /// <returns>The <see cref="OpenIddictCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictCoreBuilder"/> instance.</returns>
     public OpenIddictCoreBuilder AddAuthorizationStore<TStore>(ServiceLifetime lifetime = ServiceLifetime.Scoped)
         where TStore : class
         => AddAuthorizationStore(typeof(TStore), lifetime);
@@ -121,7 +121,7 @@ public class OpenIddictCoreBuilder
     /// </summary>
     /// <param name="type">The type of the custom store.</param>
     /// <param name="lifetime">The lifetime of the registered service.</param>
-    /// <returns>The <see cref="OpenIddictCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictCoreBuilder"/> instance.</returns>
     public OpenIddictCoreBuilder AddAuthorizationStore(Type type, ServiceLifetime lifetime = ServiceLifetime.Scoped)
     {
         if (type is null)
@@ -161,7 +161,7 @@ public class OpenIddictCoreBuilder
     /// </summary>
     /// <typeparam name="TStore">The type of the custom store.</typeparam>
     /// <param name="lifetime">The lifetime of the registered service.</param>
-    /// <returns>The <see cref="OpenIddictCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictCoreBuilder"/> instance.</returns>
     public OpenIddictCoreBuilder AddScopeStore<TStore>(ServiceLifetime lifetime = ServiceLifetime.Scoped)
         where TStore : class
         => AddScopeStore(typeof(TStore), lifetime);
@@ -174,7 +174,7 @@ public class OpenIddictCoreBuilder
     /// </summary>
     /// <param name="type">The type of the custom store.</param>
     /// <param name="lifetime">The lifetime of the registered service.</param>
-    /// <returns>The <see cref="OpenIddictCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictCoreBuilder"/> instance.</returns>
     public OpenIddictCoreBuilder AddScopeStore(Type type, ServiceLifetime lifetime = ServiceLifetime.Scoped)
     {
         if (type is null)
@@ -214,7 +214,7 @@ public class OpenIddictCoreBuilder
     /// </summary>
     /// <typeparam name="TStore">The type of the custom store.</typeparam>
     /// <param name="lifetime">The lifetime of the registered service.</param>
-    /// <returns>The <see cref="OpenIddictCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictCoreBuilder"/> instance.</returns>
     public OpenIddictCoreBuilder AddTokenStore<TStore>(ServiceLifetime lifetime = ServiceLifetime.Scoped)
         where TStore : class
         => AddTokenStore(typeof(TStore), lifetime);
@@ -227,7 +227,7 @@ public class OpenIddictCoreBuilder
     /// </summary>
     /// <param name="type">The type of the custom store.</param>
     /// <param name="lifetime">The lifetime of the registered service.</param>
-    /// <returns>The <see cref="OpenIddictCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictCoreBuilder"/> instance.</returns>
     public OpenIddictCoreBuilder AddTokenStore(Type type, ServiceLifetime lifetime = ServiceLifetime.Scoped)
     {
         if (type is null)
@@ -266,7 +266,7 @@ public class OpenIddictCoreBuilder
     /// must be either a non-generic or closed generic service.
     /// </summary>
     /// <typeparam name="TManager">The type of the custom manager.</typeparam>
-    /// <returns>The <see cref="OpenIddictCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictCoreBuilder"/> instance.</returns>
     public OpenIddictCoreBuilder ReplaceApplicationManager<TManager>()
         where TManager : class
         => ReplaceApplicationManager(typeof(TManager));
@@ -278,7 +278,7 @@ public class OpenIddictCoreBuilder
     /// either a non-generic, a closed or an open generic service.
     /// </summary>
     /// <param name="type">The type of the custom manager.</param>
-    /// <returns>The <see cref="OpenIddictCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictCoreBuilder"/> instance.</returns>
     public OpenIddictCoreBuilder ReplaceApplicationManager(Type type)
     {
         if (type is null)
@@ -321,7 +321,7 @@ public class OpenIddictCoreBuilder
     /// </summary>
     /// <typeparam name="TResolver">The type of the custom store.</typeparam>
     /// <param name="lifetime">The lifetime of the registered service.</param>
-    /// <returns>The <see cref="OpenIddictCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictCoreBuilder"/> instance.</returns>
     public OpenIddictCoreBuilder ReplaceApplicationStoreResolver<TResolver>(ServiceLifetime lifetime = ServiceLifetime.Scoped)
         where TResolver : IOpenIddictApplicationStoreResolver
         => ReplaceApplicationStoreResolver(typeof(TResolver), lifetime);
@@ -331,7 +331,7 @@ public class OpenIddictCoreBuilder
     /// </summary>
     /// <param name="type">The type of the custom store.</param>
     /// <param name="lifetime">The lifetime of the registered service.</param>
-    /// <returns>The <see cref="OpenIddictCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictCoreBuilder"/> instance.</returns>
     public OpenIddictCoreBuilder ReplaceApplicationStoreResolver(
         Type type, ServiceLifetime lifetime = ServiceLifetime.Scoped)
     {
@@ -357,7 +357,7 @@ public class OpenIddictCoreBuilder
     /// must be either a non-generic or closed generic service.
     /// </summary>
     /// <typeparam name="TManager">The type of the custom manager.</typeparam>
-    /// <returns>The <see cref="OpenIddictCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictCoreBuilder"/> instance.</returns>
     public OpenIddictCoreBuilder ReplaceAuthorizationManager<TManager>()
         where TManager : class
         => ReplaceAuthorizationManager(typeof(TManager));
@@ -369,7 +369,7 @@ public class OpenIddictCoreBuilder
     /// either a non-generic, a closed or an open generic service.
     /// </summary>
     /// <param name="type">The type of the custom manager.</param>
-    /// <returns>The <see cref="OpenIddictCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictCoreBuilder"/> instance.</returns>
     public OpenIddictCoreBuilder ReplaceAuthorizationManager(Type type)
     {
         if (type is null)
@@ -412,7 +412,7 @@ public class OpenIddictCoreBuilder
     /// </summary>
     /// <typeparam name="TResolver">The type of the custom store.</typeparam>
     /// <param name="lifetime">The lifetime of the registered service.</param>
-    /// <returns>The <see cref="OpenIddictCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictCoreBuilder"/> instance.</returns>
     public OpenIddictCoreBuilder ReplaceAuthorizationStoreResolver<TResolver>(ServiceLifetime lifetime = ServiceLifetime.Scoped)
         where TResolver : IOpenIddictAuthorizationStoreResolver
         => ReplaceAuthorizationStoreResolver(typeof(TResolver), lifetime);
@@ -422,7 +422,7 @@ public class OpenIddictCoreBuilder
     /// </summary>
     /// <param name="type">The type of the custom store.</param>
     /// <param name="lifetime">The lifetime of the registered service.</param>
-    /// <returns>The <see cref="OpenIddictCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictCoreBuilder"/> instance.</returns>
     public OpenIddictCoreBuilder ReplaceAuthorizationStoreResolver(
         Type type, ServiceLifetime lifetime = ServiceLifetime.Scoped)
     {
@@ -448,7 +448,7 @@ public class OpenIddictCoreBuilder
     /// must be either a non-generic or closed generic service.
     /// </summary>
     /// <typeparam name="TManager">The type of the custom manager.</typeparam>
-    /// <returns>The <see cref="OpenIddictCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictCoreBuilder"/> instance.</returns>
     public OpenIddictCoreBuilder ReplaceScopeManager<TManager>()
         where TManager : class
         => ReplaceScopeManager(typeof(TManager));
@@ -460,7 +460,7 @@ public class OpenIddictCoreBuilder
     /// either a non-generic, a closed or an open generic service.
     /// </summary>
     /// <param name="type">The type of the custom manager.</param>
-    /// <returns>The <see cref="OpenIddictCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictCoreBuilder"/> instance.</returns>
     public OpenIddictCoreBuilder ReplaceScopeManager(Type type)
     {
         if (type is null)
@@ -503,7 +503,7 @@ public class OpenIddictCoreBuilder
     /// </summary>
     /// <typeparam name="TResolver">The type of the custom store.</typeparam>
     /// <param name="lifetime">The lifetime of the registered service.</param>
-    /// <returns>The <see cref="OpenIddictCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictCoreBuilder"/> instance.</returns>
     public OpenIddictCoreBuilder ReplaceScopeStoreResolver<TResolver>(ServiceLifetime lifetime = ServiceLifetime.Scoped)
         where TResolver : IOpenIddictScopeStoreResolver
         => ReplaceScopeStoreResolver(typeof(TResolver), lifetime);
@@ -513,7 +513,7 @@ public class OpenIddictCoreBuilder
     /// </summary>
     /// <param name="type">The type of the custom store.</param>
     /// <param name="lifetime">The lifetime of the registered service.</param>
-    /// <returns>The <see cref="OpenIddictCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictCoreBuilder"/> instance.</returns>
     public OpenIddictCoreBuilder ReplaceScopeStoreResolver(
         Type type, ServiceLifetime lifetime = ServiceLifetime.Scoped)
     {
@@ -539,7 +539,7 @@ public class OpenIddictCoreBuilder
     /// must be either a non-generic or closed generic service.
     /// </summary>
     /// <typeparam name="TManager">The type of the custom manager.</typeparam>
-    /// <returns>The <see cref="OpenIddictCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictCoreBuilder"/> instance.</returns>
     public OpenIddictCoreBuilder ReplaceTokenManager<TManager>()
         where TManager : class
         => ReplaceTokenManager(typeof(TManager));
@@ -551,7 +551,7 @@ public class OpenIddictCoreBuilder
     /// either a non-generic, a closed or an open generic service.
     /// </summary>
     /// <param name="type">The type of the custom manager.</param>
-    /// <returns>The <see cref="OpenIddictCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictCoreBuilder"/> instance.</returns>
     public OpenIddictCoreBuilder ReplaceTokenManager(Type type)
     {
         if (type is null)
@@ -594,7 +594,7 @@ public class OpenIddictCoreBuilder
     /// </summary>
     /// <typeparam name="TResolver">The type of the custom store.</typeparam>
     /// <param name="lifetime">The lifetime of the registered service.</param>
-    /// <returns>The <see cref="OpenIddictCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictCoreBuilder"/> instance.</returns>
     public OpenIddictCoreBuilder ReplaceTokenStoreResolver<TResolver>(ServiceLifetime lifetime = ServiceLifetime.Scoped)
         where TResolver : IOpenIddictTokenStoreResolver
         => ReplaceTokenStoreResolver(typeof(TResolver), lifetime);
@@ -604,7 +604,7 @@ public class OpenIddictCoreBuilder
     /// </summary>
     /// <param name="type">The type of the custom store.</param>
     /// <param name="lifetime">The lifetime of the registered service.</param>
-    /// <returns>The <see cref="OpenIddictCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictCoreBuilder"/> instance.</returns>
     public OpenIddictCoreBuilder ReplaceTokenStoreResolver(
         Type type, ServiceLifetime lifetime = ServiceLifetime.Scoped)
     {
@@ -630,7 +630,7 @@ public class OpenIddictCoreBuilder
     /// stores are guaranteed to execute case-sensitive filtering at the database level.
     /// Disabling this feature MAY result in security vulnerabilities in the other cases.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictCoreBuilder"/> instance.</returns>
     public OpenIddictCoreBuilder DisableAdditionalFiltering()
         => Configure(options => options.DisableAdditionalFiltering = true);
 
@@ -639,14 +639,14 @@ public class OpenIddictCoreBuilder
     /// Disabling entity caching may have a noticeable impact on the performance
     /// of your application and result in multiple queries being sent by the stores.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictCoreBuilder"/> instance.</returns>
     public OpenIddictCoreBuilder DisableEntityCaching()
         => Configure(options => options.DisableEntityCaching = true);
 
     /// <summary>
     /// Configures OpenIddict to use the specified entity as the default application entity.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictCoreBuilder"/> instance.</returns>
     public OpenIddictCoreBuilder SetDefaultApplicationEntity<TApplication>() where TApplication : class
         => SetDefaultApplicationEntity(typeof(TApplication));
 
@@ -654,7 +654,7 @@ public class OpenIddictCoreBuilder
     /// Configures OpenIddict to use the specified entity as the default application entity.
     /// </summary>
     /// <param name="type">The application entity type.</param>
-    /// <returns>The <see cref="OpenIddictCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictCoreBuilder"/> instance.</returns>
     public OpenIddictCoreBuilder SetDefaultApplicationEntity(Type type)
     {
         if (type is null)
@@ -673,7 +673,7 @@ public class OpenIddictCoreBuilder
     /// <summary>
     /// Configures OpenIddict to use the specified entity as the default authorization entity.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictCoreBuilder"/> instance.</returns>
     public OpenIddictCoreBuilder SetDefaultAuthorizationEntity<TAuthorization>() where TAuthorization : class
         => SetDefaultAuthorizationEntity(typeof(TAuthorization));
 
@@ -681,7 +681,7 @@ public class OpenIddictCoreBuilder
     /// Configures OpenIddict to use the specified entity as the default authorization entity.
     /// </summary>
     /// <param name="type">The authorization entity type.</param>
-    /// <returns>The <see cref="OpenIddictCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictCoreBuilder"/> instance.</returns>
     public OpenIddictCoreBuilder SetDefaultAuthorizationEntity(Type type)
     {
         if (type is null)
@@ -700,7 +700,7 @@ public class OpenIddictCoreBuilder
     /// <summary>
     /// Configures OpenIddict to use the specified entity as the default scope entity.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictCoreBuilder"/> instance.</returns>
     public OpenIddictCoreBuilder SetDefaultScopeEntity<TScope>() where TScope : class
         => SetDefaultScopeEntity(typeof(TScope));
 
@@ -708,7 +708,7 @@ public class OpenIddictCoreBuilder
     /// Configures OpenIddict to use the specified entity as the default scope entity.
     /// </summary>
     /// <param name="type">The scope entity type.</param>
-    /// <returns>The <see cref="OpenIddictCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictCoreBuilder"/> instance.</returns>
     public OpenIddictCoreBuilder SetDefaultScopeEntity(Type type)
     {
         if (type is null)
@@ -727,7 +727,7 @@ public class OpenIddictCoreBuilder
     /// <summary>
     /// Configures OpenIddict to use the specified entity as the default token entity.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictCoreBuilder"/> instance.</returns>
     public OpenIddictCoreBuilder SetDefaultTokenEntity<TToken>() where TToken : class
         => SetDefaultTokenEntity(typeof(TToken));
 
@@ -735,7 +735,7 @@ public class OpenIddictCoreBuilder
     /// Configures OpenIddict to use the specified entity as the default token entity.
     /// </summary>
     /// <param name="type">The token entity type.</param>
-    /// <returns>The <see cref="OpenIddictCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictCoreBuilder"/> instance.</returns>
     public OpenIddictCoreBuilder SetDefaultTokenEntity(Type type)
     {
         if (type is null)
@@ -756,7 +756,7 @@ public class OpenIddictCoreBuilder
     /// after which the internal cache is automatically compacted.
     /// </summary>
     /// <param name="limit">The cache limit, in number of entries.</param>
-    /// <returns>The <see cref="OpenIddictCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictCoreBuilder"/> instance.</returns>
     public OpenIddictCoreBuilder SetEntityCacheLimit(int limit)
     {
         if (limit < 10)

src/OpenIddict.Core/OpenIddictCoreExtensions.cs

@@ -21,7 +21,7 @@ public static class OpenIddictCoreExtensions
     /// </summary>
     /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictBuilder"/> instance.</returns>
     public static OpenIddictCoreBuilder AddCore(this OpenIddictBuilder builder)
     {
         if (builder is null)
@@ -97,7 +97,7 @@ public static class OpenIddictCoreExtensions
     /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
     /// <param name="configuration">The configuration delegate used to configure the core services.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictBuilder"/> instance.</returns>
     public static OpenIddictBuilder AddCore(this OpenIddictBuilder builder, Action<OpenIddictCoreBuilder> configuration)
     {
         if (builder is null)

src/OpenIddict.EntityFramework/OpenIddictEntityFrameworkBuilder.cs

@@ -35,7 +35,7 @@ public class OpenIddictEntityFrameworkBuilder
     /// </summary>
     /// <param name="configuration">The delegate used to configure the OpenIddict options.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictEntityFrameworkBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictEntityFrameworkBuilder"/> instance.</returns>
     public OpenIddictEntityFrameworkBuilder Configure(Action<OpenIddictEntityFrameworkOptions> configuration)
     {
         if (configuration is null)
@@ -52,7 +52,7 @@ public class OpenIddictEntityFrameworkBuilder
     /// Configures OpenIddict to use the specified entities, derived
     /// from the default OpenIddict Entity Framework 6.x entities.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictEntityFrameworkBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictEntityFrameworkBuilder"/> instance.</returns>
     public OpenIddictEntityFrameworkBuilder ReplaceDefaultEntities<TApplication, TAuthorization, TScope, TToken, TKey>()
         where TApplication : OpenIddictEntityFrameworkApplication<TKey, TAuthorization, TToken>
         where TAuthorization : OpenIddictEntityFrameworkAuthorization<TKey, TApplication, TToken>
@@ -84,7 +84,7 @@ public class OpenIddictEntityFrameworkBuilder
     /// Configures the OpenIddict Entity Framework 6.x stores to use the specified database context type.
     /// </summary>
     /// <typeparam name="TContext">The type of the <see cref="DbContext"/> used by OpenIddict.</typeparam>
-    /// <returns>The <see cref="OpenIddictEntityFrameworkBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictEntityFrameworkBuilder"/> instance.</returns>
     public OpenIddictEntityFrameworkBuilder UseDbContext<TContext>()
         where TContext : DbContext
         => UseDbContext(typeof(TContext));
@@ -93,7 +93,7 @@ public class OpenIddictEntityFrameworkBuilder
     /// Configures the OpenIddict Entity Framework 6.x stores to use the specified database context type.
     /// </summary>
     /// <param name="type">The type of the <see cref="DbContext"/> used by OpenIddict.</param>
-    /// <returns>The <see cref="OpenIddictEntityFrameworkBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictEntityFrameworkBuilder"/> instance.</returns>
     public OpenIddictEntityFrameworkBuilder UseDbContext(Type type)
     {
         if (type is null)

src/OpenIddict.EntityFramework/OpenIddictEntityFrameworkExtensions.cs

@@ -21,7 +21,7 @@ public static class OpenIddictEntityFrameworkExtensions
     /// </summary>
     /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictEntityFrameworkBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictEntityFrameworkBuilder"/> instance.</returns>
     public static OpenIddictEntityFrameworkBuilder UseEntityFramework(this OpenIddictCoreBuilder builder)
     {
         if (builder is null)
@@ -64,7 +64,7 @@ public static class OpenIddictEntityFrameworkExtensions
     /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
     /// <param name="configuration">The configuration delegate used to configure the Entity Framework 6.x services.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictCoreBuilder"/> instance.</returns>
     public static OpenIddictCoreBuilder UseEntityFramework(
         this OpenIddictCoreBuilder builder, Action<OpenIddictEntityFrameworkBuilder> configuration)
     {

src/OpenIddict.EntityFrameworkCore/OpenIddictEntityFrameworkCoreBuilder.cs

@@ -34,7 +34,7 @@ public class OpenIddictEntityFrameworkCoreBuilder
     /// </summary>
     /// <param name="configuration">The delegate used to configure the OpenIddict options.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictEntityFrameworkCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictEntityFrameworkCoreBuilder"/> instance.</returns>
     public OpenIddictEntityFrameworkCoreBuilder Configure(Action<OpenIddictEntityFrameworkCoreOptions> configuration)
     {
         if (configuration is null)
@@ -51,7 +51,7 @@ public class OpenIddictEntityFrameworkCoreBuilder
     /// Configures OpenIddict to use the default OpenIddict
     /// Entity Framework Core entities, with the specified key type.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictEntityFrameworkCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictEntityFrameworkCoreBuilder"/> instance.</returns>
     public OpenIddictEntityFrameworkCoreBuilder ReplaceDefaultEntities<TKey>()
         where TKey : notnull, IEquatable<TKey>
         => ReplaceDefaultEntities<OpenIddictEntityFrameworkCoreApplication<TKey>,
@@ -63,7 +63,7 @@ public class OpenIddictEntityFrameworkCoreBuilder
     /// Configures OpenIddict to use the specified entities, derived
     /// from the default OpenIddict Entity Framework Core entities.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictEntityFrameworkCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictEntityFrameworkCoreBuilder"/> instance.</returns>
     public OpenIddictEntityFrameworkCoreBuilder ReplaceDefaultEntities<TApplication, TAuthorization, TScope, TToken, TKey>()
         where TApplication : OpenIddictEntityFrameworkCoreApplication<TKey, TAuthorization, TToken>
         where TAuthorization : OpenIddictEntityFrameworkCoreAuthorization<TKey, TApplication, TToken>
@@ -86,7 +86,7 @@ public class OpenIddictEntityFrameworkCoreBuilder
     /// Configures the OpenIddict Entity Framework Core stores to use the specified database context type.
     /// </summary>
     /// <typeparam name="TContext">The type of the <see cref="DbContext"/> used by OpenIddict.</typeparam>
-    /// <returns>The <see cref="OpenIddictEntityFrameworkCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictEntityFrameworkCoreBuilder"/> instance.</returns>
     public OpenIddictEntityFrameworkCoreBuilder UseDbContext<TContext>()
         where TContext : DbContext
         => UseDbContext(typeof(TContext));
@@ -95,7 +95,7 @@ public class OpenIddictEntityFrameworkCoreBuilder
     /// Configures the OpenIddict Entity Framework Core stores to use the specified database context type.
     /// </summary>
     /// <param name="type">The type of the <see cref="DbContext"/> used by OpenIddict.</param>
-    /// <returns>The <see cref="OpenIddictEntityFrameworkCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictEntityFrameworkCoreBuilder"/> instance.</returns>
     public OpenIddictEntityFrameworkCoreBuilder UseDbContext(Type type)
     {
         if (type is null)

src/OpenIddict.EntityFrameworkCore/OpenIddictEntityFrameworkCoreExtensions.cs

@@ -21,7 +21,7 @@ public static class OpenIddictEntityFrameworkCoreExtensions
     /// </summary>
     /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictEntityFrameworkCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictEntityFrameworkCoreBuilder"/> instance.</returns>
     public static OpenIddictEntityFrameworkCoreBuilder UseEntityFrameworkCore(this OpenIddictCoreBuilder builder)
     {
         if (builder is null)
@@ -64,7 +64,7 @@ public static class OpenIddictEntityFrameworkCoreExtensions
     /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
     /// <param name="configuration">The configuration delegate used to configure the Entity Framework Core services.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictCoreBuilder"/> instance.</returns>
     public static OpenIddictCoreBuilder UseEntityFrameworkCore(
         this OpenIddictCoreBuilder builder, Action<OpenIddictEntityFrameworkCoreBuilder> configuration)
     {

src/OpenIddict.MongoDb/OpenIddictMongoDbBuilder.cs

@@ -34,7 +34,7 @@ public class OpenIddictMongoDbBuilder
     /// </summary>
     /// <param name="configuration">The delegate used to configure the OpenIddict options.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictMongoDbBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictMongoDbBuilder"/> instance.</returns>
     public OpenIddictMongoDbBuilder Configure(Action<OpenIddictMongoDbOptions> configuration)
     {
         if (configuration is null)
@@ -50,7 +50,7 @@ public class OpenIddictMongoDbBuilder
     /// <summary>
     /// Configures OpenIddict to use the specified entity as the default application entity.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictMongoDbBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictMongoDbBuilder"/> instance.</returns>
     public OpenIddictMongoDbBuilder ReplaceDefaultApplicationEntity<TApplication>()
         where TApplication : OpenIddictMongoDbApplication
     {
@@ -62,7 +62,7 @@ public class OpenIddictMongoDbBuilder
     /// <summary>
     /// Configures OpenIddict to use the specified entity as the default authorization entity.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictMongoDbBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictMongoDbBuilder"/> instance.</returns>
     public OpenIddictMongoDbBuilder ReplaceDefaultAuthorizationEntity<TAuthorization>()
         where TAuthorization : OpenIddictMongoDbAuthorization
     {
@@ -74,7 +74,7 @@ public class OpenIddictMongoDbBuilder
     /// <summary>
     /// Configures OpenIddict to use the specified entity as the default scope entity.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictMongoDbBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictMongoDbBuilder"/> instance.</returns>
     public OpenIddictMongoDbBuilder ReplaceDefaultScopeEntity<TScope>()
         where TScope : OpenIddictMongoDbScope
     {
@@ -86,7 +86,7 @@ public class OpenIddictMongoDbBuilder
     /// <summary>
     /// Configures OpenIddict to use the specified entity as the default token entity.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictMongoDbBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictMongoDbBuilder"/> instance.</returns>
     public OpenIddictMongoDbBuilder ReplaceDefaultTokenEntity<TToken>()
         where TToken : OpenIddictMongoDbToken
     {
@@ -99,7 +99,7 @@ public class OpenIddictMongoDbBuilder
     /// Replaces the default applications collection name (by default, openiddict.applications).
     /// </summary>
     /// <param name="name">The collection name</param>
-    /// <returns>The <see cref="OpenIddictMongoDbBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictMongoDbBuilder"/> instance.</returns>
     public OpenIddictMongoDbBuilder SetApplicationsCollectionName(string name)
     {
         if (string.IsNullOrEmpty(name))
@@ -114,7 +114,7 @@ public class OpenIddictMongoDbBuilder
     /// Replaces the default authorizations collection name (by default, openiddict.authorizations).
     /// </summary>
     /// <param name="name">The collection name</param>
-    /// <returns>The <see cref="OpenIddictMongoDbBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictMongoDbBuilder"/> instance.</returns>
     public OpenIddictMongoDbBuilder SetAuthorizationsCollectionName(string name)
     {
         if (string.IsNullOrEmpty(name))
@@ -129,7 +129,7 @@ public class OpenIddictMongoDbBuilder
     /// Replaces the default scopes collection name (by default, openiddict.scopes).
     /// </summary>
     /// <param name="name">The collection name</param>
-    /// <returns>The <see cref="OpenIddictMongoDbBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictMongoDbBuilder"/> instance.</returns>
     public OpenIddictMongoDbBuilder SetScopesCollectionName(string name)
     {
         if (string.IsNullOrEmpty(name))
@@ -144,7 +144,7 @@ public class OpenIddictMongoDbBuilder
     /// Replaces the default tokens collection name (by default, openiddict.tokens).
     /// </summary>
     /// <param name="name">The collection name</param>
-    /// <returns>The <see cref="OpenIddictMongoDbBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictMongoDbBuilder"/> instance.</returns>
     public OpenIddictMongoDbBuilder SetTokensCollectionName(string name)
     {
         if (string.IsNullOrEmpty(name))
@@ -160,7 +160,7 @@ public class OpenIddictMongoDbBuilder
     /// instead of retrieving it from the dependency injection container.
     /// </summary>
     /// <param name="database">The <see cref="IMongoDatabase"/>.</param>
-    /// <returns>The <see cref="OpenIddictMongoDbBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictMongoDbBuilder"/> instance.</returns>
     public OpenIddictMongoDbBuilder UseDatabase(IMongoDatabase database)
     {
         if (database is null)

src/OpenIddict.MongoDb/OpenIddictMongoDbExtensions.cs

@@ -21,7 +21,7 @@ public static class OpenIddictMongoDbExtensions
     /// </summary>
     /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictMongoDbBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictMongoDbBuilder"/> instance.</returns>
     public static OpenIddictMongoDbBuilder UseMongoDb(this OpenIddictCoreBuilder builder)
     {
         if (builder is null)
@@ -62,7 +62,7 @@ public static class OpenIddictMongoDbExtensions
     /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
     /// <param name="configuration">The configuration delegate used to configure the MongoDB services.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictCoreBuilder"/> instance.</returns>
     public static OpenIddictCoreBuilder UseMongoDb(
         this OpenIddictCoreBuilder builder, Action<OpenIddictMongoDbBuilder> configuration)
     {

src/OpenIddict.Quartz/OpenIddictQuartzBuilder.cs

@@ -32,7 +32,7 @@ public class OpenIddictQuartzBuilder
     /// </summary>
     /// <param name="configuration">The delegate used to configure the OpenIddict options.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictQuartzBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictQuartzBuilder"/> instance.</returns>
     public OpenIddictQuartzBuilder Configure(Action<OpenIddictQuartzOptions> configuration)
     {
         if (configuration is null)
@@ -48,14 +48,14 @@ public class OpenIddictQuartzBuilder
     /// <summary>
     /// Disables authorizations pruning.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictQuartzBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictQuartzBuilder"/> instance.</returns>
     public OpenIddictQuartzBuilder DisableAuthorizationPruning()
         => Configure(options => options.DisableAuthorizationPruning = true);
 
     /// <summary>
     /// Disables tokens pruning.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictQuartzBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictQuartzBuilder"/> instance.</returns>
     public OpenIddictQuartzBuilder DisableTokenPruning()
         => Configure(options => options.DisableTokenPruning = true);
 
@@ -63,7 +63,7 @@ public class OpenIddictQuartzBuilder
     /// Sets the number of times a failed Quartz.NET job can be retried.
     /// </summary>
     /// <param name="count">The number of times a failed Quartz.NET job can be retried.</param>
-    /// <returns>The <see cref="OpenIddictQuartzBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictQuartzBuilder"/> instance.</returns>
     public OpenIddictQuartzBuilder SetMaximumRefireCount(int count)
     {
         if (count < 0)
@@ -78,7 +78,7 @@ public class OpenIddictQuartzBuilder
     /// Sets the minimum lifespan authorizations must have to be pruned.
     /// </summary>
     /// <param name="lifespan">The minimum lifespan authorizations must have to be pruned.</param>
-    /// <returns>The <see cref="OpenIddictQuartzBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictQuartzBuilder"/> instance.</returns>
     public OpenIddictQuartzBuilder SetMinimumAuthorizationLifespan(TimeSpan lifespan)
     {
         if (lifespan < TimeSpan.FromMinutes(10))
@@ -93,7 +93,7 @@ public class OpenIddictQuartzBuilder
     /// Sets the minimum lifespan tokens must have to be pruned.
     /// </summary>
     /// <param name="lifespan">The minimum lifespan tokens must have to be pruned.</param>
-    /// <returns>The <see cref="OpenIddictQuartzBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictQuartzBuilder"/> instance.</returns>
     public OpenIddictQuartzBuilder SetMinimumTokenLifespan(TimeSpan lifespan)
     {
         if (lifespan < TimeSpan.FromMinutes(10))

src/OpenIddict.Quartz/OpenIddictQuartzExtensions.cs

@@ -20,7 +20,7 @@ public static class OpenIddictQuartzExtensions
     /// </summary>
     /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictQuartzBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictQuartzBuilder"/> instance.</returns>
     public static OpenIddictQuartzBuilder UseQuartz(this OpenIddictCoreBuilder builder)
     {
         if (builder is null)
@@ -47,7 +47,7 @@ public static class OpenIddictQuartzExtensions
     /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
     /// <param name="configuration">The configuration delegate used to configure the Quartz.NET services.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictCoreBuilder"/> instance.</returns>
     public static OpenIddictCoreBuilder UseQuartz(
         this OpenIddictCoreBuilder builder, Action<OpenIddictQuartzBuilder> configuration)
     {

src/OpenIddict.Server.AspNetCore/OpenIddictServerAspNetCoreBuilder.cs

@@ -35,7 +35,7 @@ public class OpenIddictServerAspNetCoreBuilder
     /// </summary>
     /// <param name="configuration">The delegate used to configure the OpenIddict options.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictServerAspNetCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerAspNetCoreBuilder"/> instance.</returns>
     public OpenIddictServerAspNetCoreBuilder Configure(Action<OpenIddictServerAspNetCoreOptions> configuration)
     {
         if (configuration is null)
@@ -51,7 +51,7 @@ public class OpenIddictServerAspNetCoreBuilder
     /// <summary>
     /// Disables the transport security requirement (HTTPS).
     /// </summary>
-    /// <returns>The <see cref="OpenIddictServerAspNetCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerAspNetCoreBuilder"/> instance.</returns>
     public OpenIddictServerAspNetCoreBuilder DisableTransportSecurityRequirement()
         => Configure(options => options.DisableTransportSecurityRequirement = true);
 
@@ -61,7 +61,7 @@ public class OpenIddictServerAspNetCoreBuilder
     /// Once validated, the rest of the request processing pipeline is invoked, so that OpenID Connect requests
     /// can be handled at a later stage (in a custom middleware or in a MVC controller, for instance).
     /// </summary>
-    /// <returns>The <see cref="OpenIddictServerAspNetCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerAspNetCoreBuilder"/> instance.</returns>
     public OpenIddictServerAspNetCoreBuilder EnableAuthorizationEndpointPassthrough()
         => Configure(options => options.EnableAuthorizationEndpointPassthrough = true);
 
@@ -74,7 +74,7 @@ public class OpenIddictServerAspNetCoreBuilder
     /// <remarks>
     /// Important: the error pass-through mode cannot be used when the status code pages integration is enabled.
     /// </remarks>
-    /// <returns>The <see cref="OpenIddictServerAspNetCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerAspNetCoreBuilder"/> instance.</returns>
     [EditorBrowsable(EditorBrowsableState.Advanced)]
     public OpenIddictServerAspNetCoreBuilder EnableErrorPassthrough()
         => Configure(options => options.EnableErrorPassthrough = true);
@@ -85,7 +85,7 @@ public class OpenIddictServerAspNetCoreBuilder
     /// Once validated, the rest of the request processing pipeline is invoked, so that OpenID Connect requests
     /// can be handled at a later stage (in a custom middleware or in a MVC controller, for instance).
     /// </summary>
-    /// <returns>The <see cref="OpenIddictServerAspNetCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerAspNetCoreBuilder"/> instance.</returns>
     public OpenIddictServerAspNetCoreBuilder EnableLogoutEndpointPassthrough()
         => Configure(options => options.EnableLogoutEndpointPassthrough = true);
 
@@ -95,7 +95,7 @@ public class OpenIddictServerAspNetCoreBuilder
     /// Once validated, the rest of the request processing pipeline is invoked, so that OpenID Connect requests
     /// can be handled at a later stage (in a custom middleware or in a MVC controller, for instance).
     /// </summary>
-    /// <returns>The <see cref="OpenIddictServerAspNetCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerAspNetCoreBuilder"/> instance.</returns>
     public OpenIddictServerAspNetCoreBuilder EnableTokenEndpointPassthrough()
         => Configure(options => options.EnableTokenEndpointPassthrough = true);
 
@@ -105,7 +105,7 @@ public class OpenIddictServerAspNetCoreBuilder
     /// Once validated, the rest of the request processing pipeline is invoked, so that OpenID Connect requests
     /// can be handled at a later stage (in a custom middleware or in a MVC controller, for instance).
     /// </summary>
-    /// <returns>The <see cref="OpenIddictServerAspNetCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerAspNetCoreBuilder"/> instance.</returns>
     public OpenIddictServerAspNetCoreBuilder EnableUserinfoEndpointPassthrough()
         => Configure(options => options.EnableUserinfoEndpointPassthrough = true);
 
@@ -115,7 +115,7 @@ public class OpenIddictServerAspNetCoreBuilder
     /// Once validated, the rest of the request processing pipeline is invoked, so that OpenID Connect requests
     /// can be handled at a later stage (in a custom middleware or in a MVC controller, for instance).
     /// </summary>
-    /// <returns>The <see cref="OpenIddictServerAspNetCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerAspNetCoreBuilder"/> instance.</returns>
     public OpenIddictServerAspNetCoreBuilder EnableVerificationEndpointPassthrough()
         => Configure(options => options.EnableVerificationEndpointPassthrough = true);
 
@@ -126,7 +126,7 @@ public class OpenIddictServerAspNetCoreBuilder
     /// when using external authentication providers or when large GET or POST
     /// OpenID Connect authorization requests support is required.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictServerAspNetCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerAspNetCoreBuilder"/> instance.</returns>
     public OpenIddictServerAspNetCoreBuilder EnableAuthorizationRequestCaching()
         => Configure(options => options.EnableAuthorizationRequestCaching = true);
 
@@ -134,7 +134,7 @@ public class OpenIddictServerAspNetCoreBuilder
     /// Enables logout request caching, so that logout requests
     /// are automatically stored in the distributed cache.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictServerAspNetCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerAspNetCoreBuilder"/> instance.</returns>
     public OpenIddictServerAspNetCoreBuilder EnableLogoutRequestCaching()
         => Configure(options => options.EnableLogoutRequestCaching = true);
 
@@ -142,7 +142,7 @@ public class OpenIddictServerAspNetCoreBuilder
     /// Enables status code pages integration support. Once enabled, errors
     /// generated by the interactive endpoints can be handled by ASP.NET Core.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictServerAspNetCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerAspNetCoreBuilder"/> instance.</returns>
     public OpenIddictServerAspNetCoreBuilder EnableStatusCodePagesIntegration()
         => Configure(options => options.EnableStatusCodePagesIntegration = true);
 
@@ -150,7 +150,7 @@ public class OpenIddictServerAspNetCoreBuilder
     /// Sets the realm returned to the caller as part of the WWW-Authenticate header.
     /// </summary>
     /// <param name="realm">The issuer address.</param>
-    /// <returns>The <see cref="OpenIddictServerAspNetCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerAspNetCoreBuilder"/> instance.</returns>
     public OpenIddictServerAspNetCoreBuilder SetRealm(string realm)
     {
         if (string.IsNullOrEmpty(realm))
@@ -166,7 +166,7 @@ public class OpenIddictServerAspNetCoreBuilder
     /// Note: the specified policy is only used when caching is explicitly enabled.
     /// </summary>
     /// <param name="policy">The caching policy.</param>
-    /// <returns>The <see cref="OpenIddictServerAspNetCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerAspNetCoreBuilder"/> instance.</returns>
     public OpenIddictServerAspNetCoreBuilder SetAuthorizationRequestCachingPolicy(DistributedCacheEntryOptions policy)
     {
         if (policy is null)
@@ -182,7 +182,7 @@ public class OpenIddictServerAspNetCoreBuilder
     /// Note: the specified policy is only used when caching is explicitly enabled.
     /// </summary>
     /// <param name="policy">The caching policy.</param>
-    /// <returns>The <see cref="OpenIddictServerAspNetCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerAspNetCoreBuilder"/> instance.</returns>
     public OpenIddictServerAspNetCoreBuilder SetLogoutRequestCachingPolicy(DistributedCacheEntryOptions policy)
     {
         if (policy is null)

src/OpenIddict.Server.AspNetCore/OpenIddictServerAspNetCoreExtensions.cs

@@ -21,7 +21,7 @@ public static class OpenIddictServerAspNetCoreExtensions
     /// </summary>
     /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictServerAspNetCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerAspNetCoreBuilder"/> instance.</returns>
     public static OpenIddictServerAspNetCoreBuilder UseAspNetCore(this OpenIddictServerBuilder builder)
     {
         if (builder is null)
@@ -71,7 +71,7 @@ public static class OpenIddictServerAspNetCoreExtensions
     /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
     /// <param name="configuration">The configuration delegate used to configure the server services.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public static OpenIddictServerBuilder UseAspNetCore(
         this OpenIddictServerBuilder builder, Action<OpenIddictServerAspNetCoreBuilder> configuration)
     {

src/OpenIddict.Server.DataProtection/OpenIddictServerDataProtectionBuilder.cs

@@ -34,7 +34,7 @@ public class OpenIddictServerDataProtectionBuilder
     /// </summary>
     /// <param name="configuration">The delegate used to configure the OpenIddict options.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictServerDataProtectionBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerDataProtectionBuilder"/> instance.</returns>
     public OpenIddictServerDataProtectionBuilder Configure(Action<OpenIddictServerDataProtectionOptions> configuration)
     {
         if (configuration is null)
@@ -52,7 +52,7 @@ public class OpenIddictServerDataProtectionBuilder
     /// instead of relying on the default instance provided by the DI container.
     /// </summary>
     /// <param name="provider">The data protection provider used to create token protectors.</param>
-    /// <returns>The <see cref="OpenIddictServerDataProtectionBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerDataProtectionBuilder"/> instance.</returns>
     public OpenIddictServerDataProtectionBuilder UseDataProtectionProvider(IDataProtectionProvider provider)
     {
         if (provider is null)
@@ -67,7 +67,7 @@ public class OpenIddictServerDataProtectionBuilder
     /// Configures OpenIddict to use a specific formatter instead of relying on the default instance.
     /// </summary>
     /// <param name="formatter">The formatter used to read and write tokens.</param>
-    /// <returns>The <see cref="OpenIddictServerDataProtectionBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerDataProtectionBuilder"/> instance.</returns>
     public OpenIddictServerDataProtectionBuilder UseFormatter(IOpenIddictServerDataProtectionFormatter formatter)
     {
         if (formatter is null)
@@ -81,35 +81,35 @@ public class OpenIddictServerDataProtectionBuilder
     /// <summary>
     /// Configures OpenIddict to use the default token format (JWT) when issuing new access tokens.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictServerDataProtectionBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerDataProtectionBuilder"/> instance.</returns>
     public OpenIddictServerDataProtectionBuilder PreferDefaultAccessTokenFormat()
         => Configure(options => options.PreferDefaultAccessTokenFormat = true);
 
     /// <summary>
     /// Configures OpenIddict to use the default token format (JWT) when issuing new authorization codes.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictServerDataProtectionBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerDataProtectionBuilder"/> instance.</returns>
     public OpenIddictServerDataProtectionBuilder PreferDefaultAuthorizationCodeFormat()
         => Configure(options => options.PreferDefaultAuthorizationCodeFormat = true);
 
     /// <summary>
     /// Configures OpenIddict to use the default token format (JWT) when issuing new device codes.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictServerDataProtectionBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerDataProtectionBuilder"/> instance.</returns>
     public OpenIddictServerDataProtectionBuilder PreferDefaultDeviceCodeFormat()
         => Configure(options => options.PreferDefaultDeviceCodeFormat = true);
 
     /// <summary>
     /// Configures OpenIddict to use the default token format (JWT) when issuing new refresh tokens.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictServerDataProtectionBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerDataProtectionBuilder"/> instance.</returns>
     public OpenIddictServerDataProtectionBuilder PreferDefaultRefreshTokenFormat()
         => Configure(options => options.PreferDefaultRefreshTokenFormat = true);
 
     /// <summary>
     /// Configures OpenIddict to use the default token format (JWT) when issuing new user codes.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictServerDataProtectionBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerDataProtectionBuilder"/> instance.</returns>
     public OpenIddictServerDataProtectionBuilder PreferDefaultUserCodeFormat()
         => Configure(options => options.PreferDefaultUserCodeFormat = true);
 

src/OpenIddict.Server.DataProtection/OpenIddictServerDataProtectionExtensions.cs

@@ -22,7 +22,7 @@ public static class OpenIddictServerDataProtectionExtensions
     /// </summary>
     /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public static OpenIddictServerDataProtectionBuilder UseDataProtection(this OpenIddictServerBuilder builder)
     {
         if (builder is null)
@@ -56,7 +56,7 @@ public static class OpenIddictServerDataProtectionExtensions
     /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
     /// <param name="configuration">The configuration delegate used to configure the server services.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public static OpenIddictServerBuilder UseDataProtection(
         this OpenIddictServerBuilder builder, Action<OpenIddictServerDataProtectionBuilder> configuration)
     {

src/OpenIddict.Server.Owin/OpenIddictServerOwinBuilder.cs

@@ -35,7 +35,7 @@ public class OpenIddictServerOwinBuilder
     /// </summary>
     /// <param name="configuration">The delegate used to configure the OpenIddict options.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictServerOwinBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerOwinBuilder"/> instance.</returns>
     public OpenIddictServerOwinBuilder Configure(Action<OpenIddictServerOwinOptions> configuration)
     {
         if (configuration is null)
@@ -51,7 +51,7 @@ public class OpenIddictServerOwinBuilder
     /// <summary>
     /// Disables the transport security requirement (HTTPS).
     /// </summary>
-    /// <returns>The <see cref="OpenIddictServerOwinBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerOwinBuilder"/> instance.</returns>
     public OpenIddictServerOwinBuilder DisableTransportSecurityRequirement()
         => Configure(options => options.DisableTransportSecurityRequirement = true);
 
@@ -61,7 +61,7 @@ public class OpenIddictServerOwinBuilder
     /// Once validated, the rest of the request processing pipeline is invoked, so that OpenID Connect requests
     /// can be handled at a later stage (in a custom middleware or in a MVC controller, for instance).
     /// </summary>
-    /// <returns>The <see cref="OpenIddictServerOwinBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerOwinBuilder"/> instance.</returns>
     public OpenIddictServerOwinBuilder EnableAuthorizationEndpointPassthrough()
         => Configure(options => options.EnableAuthorizationEndpointPassthrough = true);
 
@@ -71,7 +71,7 @@ public class OpenIddictServerOwinBuilder
     /// When this option is enabled, special logic must be added to these actions to handle errors, that can be
     /// retrieved using <see cref="OpenIddictServerOwinHelpers.GetOpenIddictServerResponse(IOwinContext)"/>
     /// </summary>
-    /// <returns>The <see cref="OpenIddictServerOwinBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerOwinBuilder"/> instance.</returns>
     [EditorBrowsable(EditorBrowsableState.Advanced)]
     public OpenIddictServerOwinBuilder EnableErrorPassthrough()
         => Configure(options => options.EnableErrorPassthrough = true);
@@ -82,7 +82,7 @@ public class OpenIddictServerOwinBuilder
     /// Once validated, the rest of the request processing pipeline is invoked, so that OpenID Connect requests
     /// can be handled at a later stage (in a custom middleware or in a MVC controller, for instance).
     /// </summary>
-    /// <returns>The <see cref="OpenIddictServerOwinBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerOwinBuilder"/> instance.</returns>
     public OpenIddictServerOwinBuilder EnableLogoutEndpointPassthrough()
         => Configure(options => options.EnableLogoutEndpointPassthrough = true);
 
@@ -92,7 +92,7 @@ public class OpenIddictServerOwinBuilder
     /// Once validated, the rest of the request processing pipeline is invoked, so that OpenID Connect requests
     /// can be handled at a later stage (in a custom middleware or in a MVC controller, for instance).
     /// </summary>
-    /// <returns>The <see cref="OpenIddictServerOwinBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerOwinBuilder"/> instance.</returns>
     public OpenIddictServerOwinBuilder EnableTokenEndpointPassthrough()
         => Configure(options => options.EnableTokenEndpointPassthrough = true);
 
@@ -102,7 +102,7 @@ public class OpenIddictServerOwinBuilder
     /// Once validated, the rest of the request processing pipeline is invoked, so that OpenID Connect requests
     /// can be handled at a later stage (in a custom middleware or in a MVC controller, for instance).
     /// </summary>
-    /// <returns>The <see cref="OpenIddictServerOwinBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerOwinBuilder"/> instance.</returns>
     public OpenIddictServerOwinBuilder EnableUserinfoEndpointPassthrough()
         => Configure(options => options.EnableUserinfoEndpointPassthrough = true);
 
@@ -112,7 +112,7 @@ public class OpenIddictServerOwinBuilder
     /// Once validated, the rest of the request processing pipeline is invoked, so that OpenID Connect requests
     /// can be handled at a later stage (in a custom middleware or in a MVC controller, for instance).
     /// </summary>
-    /// <returns>The <see cref="OpenIddictServerOwinBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerOwinBuilder"/> instance.</returns>
     public OpenIddictServerOwinBuilder EnableVerificationEndpointPassthrough()
         => Configure(options => options.EnableVerificationEndpointPassthrough = true);
 
@@ -123,7 +123,7 @@ public class OpenIddictServerOwinBuilder
     /// when using external authentication providers or when large GET or POST
     /// OpenID Connect authorization requests support is required.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictServerOwinBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerOwinBuilder"/> instance.</returns>
     public OpenIddictServerOwinBuilder EnableAuthorizationRequestCaching()
         => Configure(options => options.EnableAuthorizationRequestCaching = true);
 
@@ -131,7 +131,7 @@ public class OpenIddictServerOwinBuilder
     /// Enables logout request caching, so that logout requests
     /// are automatically stored in the distributed cache.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictServerOwinBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerOwinBuilder"/> instance.</returns>
     public OpenIddictServerOwinBuilder EnableLogoutRequestCaching()
         => Configure(options => options.EnableLogoutRequestCaching = true);
 
@@ -139,7 +139,7 @@ public class OpenIddictServerOwinBuilder
     /// Sets the realm returned to the caller as part of the WWW-Authenticate header.
     /// </summary>
     /// <param name="realm">The issuer address.</param>
-    /// <returns>The <see cref="OpenIddictServerOwinBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerOwinBuilder"/> instance.</returns>
     public OpenIddictServerOwinBuilder SetRealm(string realm)
     {
         if (string.IsNullOrEmpty(realm))
@@ -155,7 +155,7 @@ public class OpenIddictServerOwinBuilder
     /// Note: the specified policy is only used when caching is explicitly enabled.
     /// </summary>
     /// <param name="policy">The caching policy.</param>
-    /// <returns>The <see cref="OpenIddictServerOwinBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerOwinBuilder"/> instance.</returns>
     public OpenIddictServerOwinBuilder SetAuthorizationRequestCachingPolicy(DistributedCacheEntryOptions policy)
     {
         if (policy is null)
@@ -171,7 +171,7 @@ public class OpenIddictServerOwinBuilder
     /// Note: the specified policy is only used when caching is explicitly enabled.
     /// </summary>
     /// <param name="policy">The caching policy.</param>
-    /// <returns>The <see cref="OpenIddictServerOwinBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerOwinBuilder"/> instance.</returns>
     public OpenIddictServerOwinBuilder SetLogoutRequestCachingPolicy(DistributedCacheEntryOptions policy)
     {
         if (policy is null)

src/OpenIddict.Server.Owin/OpenIddictServerOwinExtensions.cs

@@ -21,7 +21,7 @@ public static class OpenIddictServerOwinExtensions
     /// </summary>
     /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictServerOwinBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerOwinBuilder"/> instance.</returns>
     public static OpenIddictServerOwinBuilder UseOwin(this OpenIddictServerBuilder builder)
     {
         if (builder is null)
@@ -69,7 +69,7 @@ public static class OpenIddictServerOwinExtensions
     /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
     /// <param name="configuration">The configuration delegate used to configure the server services.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public static OpenIddictServerBuilder UseOwin(
         this OpenIddictServerBuilder builder, Action<OpenIddictServerOwinBuilder> configuration)
     {

src/OpenIddict.Server.Owin/OpenIddictServerOwinHelpers.cs

@@ -20,7 +20,7 @@ public static class OpenIddictServerOwinHelpers
     /// middleware resolution (like Autofac), calling this method is NOT recommended.
     /// </summary>
     /// <param name="app">The application builder used to register middleware instances.</param>
-    /// <returns>The <see cref="IAppBuilder"/>.</returns>
+    /// <returns>The <see cref="IAppBuilder"/> instance.</returns>
     public static IAppBuilder UseOpenIddictServer(this IAppBuilder app)
     {
         if (app is null)

src/OpenIddict.Server/OpenIddictServerBuilder.cs

@@ -39,7 +39,7 @@ public class OpenIddictServerBuilder
     /// </summary>
     /// <typeparam name="TContext">The event context type.</typeparam>
     /// <param name="configuration">The configuration delegate.</param>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     [EditorBrowsable(EditorBrowsableState.Advanced)]
     public OpenIddictServerBuilder AddEventHandler<TContext>(
         Action<OpenIddictServerHandlerDescriptor.Builder<TContext>> configuration)
@@ -63,7 +63,7 @@ public class OpenIddictServerBuilder
     /// Registers an event handler using the specified descriptor.
     /// </summary>
     /// <param name="descriptor">The handler descriptor.</param>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     [EditorBrowsable(EditorBrowsableState.Advanced)]
     public OpenIddictServerBuilder AddEventHandler(OpenIddictServerHandlerDescriptor descriptor)
     {
@@ -82,7 +82,7 @@ public class OpenIddictServerBuilder
     /// Removes the event handler that matches the specified descriptor.
     /// </summary>
     /// <param name="descriptor">The descriptor corresponding to the handler to remove.</param>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     [EditorBrowsable(EditorBrowsableState.Advanced)]
     public OpenIddictServerBuilder RemoveEventHandler(OpenIddictServerHandlerDescriptor descriptor)
     {
@@ -112,7 +112,7 @@ public class OpenIddictServerBuilder
     /// </summary>
     /// <param name="configuration">The delegate used to configure the OpenIddict options.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder Configure(Action<OpenIddictServerOptions> configuration)
     {
         if (configuration is null)
@@ -130,7 +130,7 @@ public class OpenIddictServerBuilder
     /// requests that don't specify a client_id are not automatically rejected.
     /// Enabling this option is NOT recommended.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder AcceptAnonymousClients()
         => Configure(options => options.AcceptAnonymousClients = true);
 
@@ -138,7 +138,7 @@ public class OpenIddictServerBuilder
     /// Registers encryption credentials.
     /// </summary>
     /// <param name="credentials">The encrypting credentials.</param>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder AddEncryptionCredentials(EncryptingCredentials credentials)
     {
         if (credentials is null)
@@ -153,7 +153,7 @@ public class OpenIddictServerBuilder
     /// Registers an encryption key.
     /// </summary>
     /// <param name="key">The security key.</param>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder AddEncryptionKey(SecurityKey key)
     {
         if (key is null)
@@ -191,7 +191,7 @@ public class OpenIddictServerBuilder
     /// <summary>
     /// Registers (and generates if necessary) a user-specific development encryption certificate.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder AddDevelopmentEncryptionCertificate()
         => AddDevelopmentEncryptionCertificate(new X500DistinguishedName("CN=OpenIddict Server Encryption Certificate"));
 
@@ -199,7 +199,7 @@ public class OpenIddictServerBuilder
     /// Registers (and generates if necessary) a user-specific development encryption certificate.
     /// </summary>
     /// <param name="subject">The subject name associated with the certificate.</param>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     [SuppressMessage("Reliability", "CA2000:Dispose objects before losing scope",
         Justification = "The X.509 certificate is attached to the server options.")]
     public OpenIddictServerBuilder AddDevelopmentEncryptionCertificate(X500DistinguishedName subject)
@@ -278,7 +278,7 @@ public class OpenIddictServerBuilder
     /// automatically invalidated. This method should only be used during development.
     /// On production, using a X.509 certificate stored in the machine store is recommended.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder AddEphemeralEncryptionKey()
         => AddEphemeralEncryptionKey(SecurityAlgorithms.RsaOAEP);
 
@@ -289,7 +289,7 @@ public class OpenIddictServerBuilder
     /// On production, using a X.509 certificate stored in the machine store is recommended.
     /// </summary>
     /// <param name="algorithm">The algorithm associated with the encryption key.</param>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder AddEphemeralEncryptionKey(string algorithm)
     {
         if (string.IsNullOrEmpty(algorithm))
@@ -362,7 +362,7 @@ public class OpenIddictServerBuilder
     /// Registers an encryption certificate.
     /// </summary>
     /// <param name="certificate">The encryption certificate.</param>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder AddEncryptionCertificate(X509Certificate2 certificate)
     {
         if (certificate is null)
@@ -395,7 +395,7 @@ public class OpenIddictServerBuilder
     /// <param name="assembly">The assembly containing the certificate.</param>
     /// <param name="resource">The name of the embedded resource.</param>
     /// <param name="password">The password used to open the certificate.</param>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder AddEncryptionCertificate(Assembly assembly, string resource, string? password)
 #if SUPPORTS_EPHEMERAL_KEY_SETS
         // Note: ephemeral key sets are currently not supported on macOS.
@@ -413,7 +413,7 @@ public class OpenIddictServerBuilder
     /// <param name="resource">The name of the embedded resource.</param>
     /// <param name="password">The password used to open the certificate.</param>
     /// <param name="flags">An enumeration of flags indicating how and where to store the private key of the certificate.</param>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder AddEncryptionCertificate(
         Assembly assembly, string resource,
         string? password, X509KeyStorageFlags flags)
@@ -439,7 +439,7 @@ public class OpenIddictServerBuilder
     /// </summary>
     /// <param name="stream">The stream containing the certificate.</param>
     /// <param name="password">The password used to open the certificate.</param>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder AddEncryptionCertificate(Stream stream, string? password)
 #if SUPPORTS_EPHEMERAL_KEY_SETS
         // Note: ephemeral key sets are currently not supported on macOS.
@@ -459,7 +459,7 @@ public class OpenIddictServerBuilder
     /// An enumeration of flags indicating how and where
     /// to store the private key of the certificate.
     /// </param>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     [SuppressMessage("Reliability", "CA2000:Dispose objects before losing scope",
         Justification = "The X.509 certificate is attached to the server options.")]
     public OpenIddictServerBuilder AddEncryptionCertificate(Stream stream, string? password, X509KeyStorageFlags flags)
@@ -479,7 +479,7 @@ public class OpenIddictServerBuilder
     /// Registers an encryption certificate retrieved from the X.509 user or machine store.
     /// </summary>
     /// <param name="thumbprint">The thumbprint of the certificate used to identify it in the X.509 store.</param>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder AddEncryptionCertificate(string thumbprint)
     {
         if (string.IsNullOrEmpty(thumbprint))
@@ -509,7 +509,7 @@ public class OpenIddictServerBuilder
     /// <param name="thumbprint">The thumbprint of the certificate used to identify it in the X.509 store.</param>
     /// <param name="name">The name of the X.509 store.</param>
     /// <param name="location">The location of the X.509 store.</param>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder AddEncryptionCertificate(string thumbprint, StoreName name, StoreLocation location)
     {
         if (string.IsNullOrEmpty(thumbprint))
@@ -530,7 +530,7 @@ public class OpenIddictServerBuilder
     /// Registers signing credentials.
     /// </summary>
     /// <param name="credentials">The signing credentials.</param>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder AddSigningCredentials(SigningCredentials credentials)
     {
         if (credentials is null)
@@ -545,7 +545,7 @@ public class OpenIddictServerBuilder
     /// Registers a signing key.
     /// </summary>
     /// <param name="key">The security key.</param>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder AddSigningKey(SecurityKey key)
     {
         if (key is null)
@@ -601,7 +601,7 @@ public class OpenIddictServerBuilder
     /// <summary>
     /// Registers (and generates if necessary) a user-specific development signing certificate.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder AddDevelopmentSigningCertificate()
         => AddDevelopmentSigningCertificate(new X500DistinguishedName("CN=OpenIddict Server Signing Certificate"));
 
@@ -609,7 +609,7 @@ public class OpenIddictServerBuilder
     /// Registers (and generates if necessary) a user-specific development signing certificate.
     /// </summary>
     /// <param name="subject">The subject name associated with the certificate.</param>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     [SuppressMessage("Reliability", "CA2000:Dispose objects before losing scope",
         Justification = "The X.509 certificate is attached to the server options.")]
     public OpenIddictServerBuilder AddDevelopmentSigningCertificate(X500DistinguishedName subject)
@@ -688,7 +688,7 @@ public class OpenIddictServerBuilder
     /// automatically invalidated. This method should only be used during development.
     /// On production, using a X.509 certificate stored in the machine store is recommended.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder AddEphemeralSigningKey()
         => AddEphemeralSigningKey(SecurityAlgorithms.RsaSha256);
 
@@ -699,7 +699,7 @@ public class OpenIddictServerBuilder
     /// On production, using a X.509 certificate stored in the machine store is recommended.
     /// </summary>
     /// <param name="algorithm">The algorithm associated with the signing key.</param>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     [SuppressMessage("Reliability", "CA2000:Dispose objects before losing scope",
         Justification = "The X.509 certificate is attached to the server options.")]
     public OpenIddictServerBuilder AddEphemeralSigningKey(string algorithm)
@@ -790,7 +790,7 @@ public class OpenIddictServerBuilder
     /// Registers a signing certificate.
     /// </summary>
     /// <param name="certificate">The signing certificate.</param>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder AddSigningCertificate(X509Certificate2 certificate)
     {
         if (certificate is null)
@@ -823,7 +823,7 @@ public class OpenIddictServerBuilder
     /// <param name="assembly">The assembly containing the certificate.</param>
     /// <param name="resource">The name of the embedded resource.</param>
     /// <param name="password">The password used to open the certificate.</param>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder AddSigningCertificate(Assembly assembly, string resource, string? password)
 #if SUPPORTS_EPHEMERAL_KEY_SETS
         // Note: ephemeral key sets are currently not supported on macOS.
@@ -841,7 +841,7 @@ public class OpenIddictServerBuilder
     /// <param name="resource">The name of the embedded resource.</param>
     /// <param name="password">The password used to open the certificate.</param>
     /// <param name="flags">An enumeration of flags indicating how and where to store the private key of the certificate.</param>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder AddSigningCertificate(
         Assembly assembly, string resource,
         string? password, X509KeyStorageFlags flags)
@@ -867,7 +867,7 @@ public class OpenIddictServerBuilder
     /// </summary>
     /// <param name="stream">The stream containing the certificate.</param>
     /// <param name="password">The password used to open the certificate.</param>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder AddSigningCertificate(Stream stream, string? password)
 #if SUPPORTS_EPHEMERAL_KEY_SETS
         // Note: ephemeral key sets are currently not supported on macOS.
@@ -887,7 +887,7 @@ public class OpenIddictServerBuilder
     /// An enumeration of flags indicating how and where
     /// to store the private key of the certificate.
     /// </param>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     [SuppressMessage("Reliability", "CA2000:Dispose objects before losing scope",
         Justification = "The X.509 certificate is attached to the server options.")]
     public OpenIddictServerBuilder AddSigningCertificate(Stream stream, string? password, X509KeyStorageFlags flags)
@@ -907,7 +907,7 @@ public class OpenIddictServerBuilder
     /// Registers a signing certificate retrieved from the X.509 user or machine store.
     /// </summary>
     /// <param name="thumbprint">The thumbprint of the certificate used to identify it in the X.509 store.</param>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder AddSigningCertificate(string thumbprint)
     {
         if (string.IsNullOrEmpty(thumbprint))
@@ -937,7 +937,7 @@ public class OpenIddictServerBuilder
     /// <param name="thumbprint">The thumbprint of the certificate used to identify it in the X.509 store.</param>
     /// <param name="name">The name of the X.509 store.</param>
     /// <param name="location">The location of the X.509 store.</param>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder AddSigningCertificate(string thumbprint, StoreName name, StoreLocation location)
     {
         if (string.IsNullOrEmpty(thumbprint))
@@ -961,7 +961,7 @@ public class OpenIddictServerBuilder
     /// https://tools.ietf.org/html/rfc6749#section-4.1 and
     /// http://openid.net/specs/openid-connect-core-1_0.html#CodeFlowAuth.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder AllowAuthorizationCodeFlow()
         => Configure(options =>
         {
@@ -980,7 +980,7 @@ public class OpenIddictServerBuilder
     /// Enables client credentials flow support. For more information about this
     /// specific OAuth 2.0 flow, visit https://tools.ietf.org/html/rfc6749#section-4.4.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder AllowClientCredentialsFlow()
         => Configure(options => options.GrantTypes.Add(GrantTypes.ClientCredentials));
 
@@ -988,7 +988,7 @@ public class OpenIddictServerBuilder
     /// Enables custom grant type support.
     /// </summary>
     /// <param name="type">The grant type associated with the flow.</param>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     [EditorBrowsable(EditorBrowsableState.Advanced)]
     public OpenIddictServerBuilder AllowCustomFlow(string type)
     {
@@ -1004,7 +1004,7 @@ public class OpenIddictServerBuilder
     /// Enables device code flow support. For more information about this
     /// specific OAuth 2.0 flow, visit https://tools.ietf.org/html/rfc8628.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder AllowDeviceCodeFlow()
         => Configure(options => options.GrantTypes.Add(GrantTypes.DeviceCode));
 
@@ -1013,7 +1013,7 @@ public class OpenIddictServerBuilder
     /// about this specific OpenID Connect flow, visit
     /// http://openid.net/specs/openid-connect-core-1_0.html#HybridFlowAuth.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder AllowHybridFlow()
         => Configure(options =>
         {
@@ -1040,7 +1040,7 @@ public class OpenIddictServerBuilder
     /// The implicit flow is not recommended for new applications and should
     /// only be enabled when maintaining backward compatibility is important.
     /// </remarks>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder AllowImplicitFlow()
         => Configure(options =>
         {
@@ -1058,7 +1058,7 @@ public class OpenIddictServerBuilder
     /// Enables none flow support. For more information about this specific OAuth 2.0 flow,
     /// visit https://openid.net/specs/oauth-v2-multiple-response-types-1_0.html#none.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder AllowNoneFlow()
         => Configure(options => options.ResponseTypes.Add(ResponseTypes.None));
 
@@ -1070,7 +1070,7 @@ public class OpenIddictServerBuilder
     /// The password flow is not recommended for new applications and should
     /// only be enabled when maintaining backward compatibility is important.
     /// </remarks>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder AllowPasswordFlow()
         => Configure(options => options.GrantTypes.Add(GrantTypes.Password));
 
@@ -1078,7 +1078,7 @@ public class OpenIddictServerBuilder
     /// Enables refresh token flow support. For more information about this
     /// specific OAuth 2.0 flow, visit https://tools.ietf.org/html/rfc6749#section-6.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder AllowRefreshTokenFlow()
         => Configure(options =>
         {
@@ -1093,7 +1093,7 @@ public class OpenIddictServerBuilder
     /// Note: only the first address will be returned as part of the discovery document.
     /// </summary>
     /// <param name="addresses">The addresses associated to the endpoint.</param>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder SetAuthorizationEndpointUris(params string[] addresses)
     {
         if (addresses is null)
@@ -1110,7 +1110,7 @@ public class OpenIddictServerBuilder
     /// Note: only the first address will be returned as part of the discovery document.
     /// </summary>
     /// <param name="addresses">The addresses associated to the endpoint.</param>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder SetAuthorizationEndpointUris(params Uri[] addresses)
     {
         if (addresses is null)
@@ -1141,7 +1141,7 @@ public class OpenIddictServerBuilder
     /// Note: only the first address will be returned as part of the discovery document.
     /// </summary>
     /// <param name="addresses">The addresses associated to the endpoint.</param>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder SetConfigurationEndpointUris(params string[] addresses)
     {
         if (addresses is null)
@@ -1158,7 +1158,7 @@ public class OpenIddictServerBuilder
     /// Note: only the first address will be returned as part of the discovery document.
     /// </summary>
     /// <param name="addresses">The addresses associated to the endpoint.</param>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder SetConfigurationEndpointUris(params Uri[] addresses)
     {
         if (addresses is null)
@@ -1189,7 +1189,7 @@ public class OpenIddictServerBuilder
     /// Note: only the first address will be returned as part of the discovery document.
     /// </summary>
     /// <param name="addresses">The addresses associated to the endpoint.</param>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder SetCryptographyEndpointUris(params string[] addresses)
     {
         if (addresses is null)
@@ -1206,7 +1206,7 @@ public class OpenIddictServerBuilder
     /// Note: only the first address will be returned as part of the discovery document.
     /// </summary>
     /// <param name="addresses">The addresses associated to the endpoint.</param>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder SetCryptographyEndpointUris(params Uri[] addresses)
     {
         if (addresses is null)
@@ -1237,7 +1237,7 @@ public class OpenIddictServerBuilder
     /// Note: only the first address will be returned as part of the discovery document.
     /// </summary>
     /// <param name="addresses">The addresses associated to the endpoint.</param>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder SetDeviceEndpointUris(params string[] addresses)
     {
         if (addresses is null)
@@ -1254,7 +1254,7 @@ public class OpenIddictServerBuilder
     /// Note: only the first address will be returned as part of the discovery document.
     /// </summary>
     /// <param name="addresses">The addresses associated to the endpoint.</param>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder SetDeviceEndpointUris(params Uri[] addresses)
     {
         if (addresses is null)
@@ -1285,7 +1285,7 @@ public class OpenIddictServerBuilder
     /// Note: only the first address will be returned as part of the discovery document.
     /// </summary>
     /// <param name="addresses">The addresses associated to the endpoint.</param>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder SetIntrospectionEndpointUris(params string[] addresses)
     {
         if (addresses is null)
@@ -1302,7 +1302,7 @@ public class OpenIddictServerBuilder
     /// Note: only the first address will be returned as part of the discovery document.
     /// </summary>
     /// <param name="addresses">The addresses associated to the endpoint.</param>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder SetIntrospectionEndpointUris(params Uri[] addresses)
     {
         if (addresses is null)
@@ -1333,7 +1333,7 @@ public class OpenIddictServerBuilder
     /// Note: only the first address will be returned as part of the discovery document.
     /// </summary>
     /// <param name="addresses">The addresses associated to the endpoint.</param>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder SetLogoutEndpointUris(params string[] addresses)
     {
         if (addresses is null)
@@ -1350,7 +1350,7 @@ public class OpenIddictServerBuilder
     /// Note: only the first address will be returned as part of the discovery document.
     /// </summary>
     /// <param name="addresses">The addresses associated to the endpoint.</param>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder SetLogoutEndpointUris(params Uri[] addresses)
     {
         if (addresses is null)
@@ -1381,7 +1381,7 @@ public class OpenIddictServerBuilder
     /// Note: only the first address will be returned as part of the discovery document.
     /// </summary>
     /// <param name="addresses">The addresses associated to the endpoint.</param>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder SetRevocationEndpointUris(params string[] addresses)
     {
         if (addresses is null)
@@ -1398,7 +1398,7 @@ public class OpenIddictServerBuilder
     /// Note: only the first address will be returned as part of the discovery document.
     /// </summary>
     /// <param name="addresses">The addresses associated to the endpoint.</param>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder SetRevocationEndpointUris(params Uri[] addresses)
     {
         if (addresses is null)
@@ -1429,7 +1429,7 @@ public class OpenIddictServerBuilder
     /// Note: only the first address will be returned as part of the discovery document.
     /// </summary>
     /// <param name="addresses">The addresses associated to the endpoint.</param>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder SetTokenEndpointUris(params string[] addresses)
     {
         if (addresses is null)
@@ -1446,7 +1446,7 @@ public class OpenIddictServerBuilder
     /// Note: only the first address will be returned as part of the discovery document.
     /// </summary>
     /// <param name="addresses">The addresses associated to the endpoint.</param>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder SetTokenEndpointUris(params Uri[] addresses)
     {
         if (addresses is null)
@@ -1477,7 +1477,7 @@ public class OpenIddictServerBuilder
     /// Note: only the first address will be returned as part of the discovery document.
     /// </summary>
     /// <param name="addresses">The addresses associated to the endpoint.</param>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder SetUserinfoEndpointUris(params string[] addresses)
     {
         if (addresses is null)
@@ -1494,7 +1494,7 @@ public class OpenIddictServerBuilder
     /// Note: only the first address will be returned as part of the discovery document.
     /// </summary>
     /// <param name="addresses">The addresses associated to the endpoint.</param>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder SetUserinfoEndpointUris(params Uri[] addresses)
     {
         if (addresses is null)
@@ -1525,7 +1525,7 @@ public class OpenIddictServerBuilder
     /// Note: only the first address will be returned by the device endpoint.
     /// </summary>
     /// <param name="addresses">The addresses associated to the endpoint.</param>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder SetVerificationEndpointUris(params string[] addresses)
     {
         if (addresses is null)
@@ -1542,7 +1542,7 @@ public class OpenIddictServerBuilder
     /// Note: only the first address will be returned by the device endpoint.
     /// </summary>
     /// <param name="addresses">The addresses associated to the endpoint.</param>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder SetVerificationEndpointUris(params Uri[] addresses)
     {
         if (addresses is null)
@@ -1572,7 +1572,7 @@ public class OpenIddictServerBuilder
     /// Disabling encryption is NOT recommended and SHOULD only be done when issuing tokens
     /// to third-party resource servers/APIs you don't control and don't fully trust.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder DisableAccessTokenEncryption()
         => Configure(options => options.DisableAccessTokenEncryption = true);
 
@@ -1582,7 +1582,7 @@ public class OpenIddictServerBuilder
     /// and can't be revoked to prevent associated tokens from being used.
     /// Using this option is generally NOT recommended.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder DisableAuthorizationStorage()
         => Configure(options => options.DisableAuthorizationStorage = true);
 
@@ -1592,7 +1592,7 @@ public class OpenIddictServerBuilder
     /// as redeemed and can still be used until they expire. Disabling
     /// rolling refresh tokens is NOT recommended, for security reasons.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder DisableRollingRefreshTokens()
         => Configure(options => options.DisableRollingRefreshTokens = true);
 
@@ -1600,7 +1600,7 @@ public class OpenIddictServerBuilder
     /// Allows processing authorization and token requests that specify scopes that have not
     /// been registered using <see cref="RegisterScopes(string[])"/> or the scope manager.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder DisableScopeValidation()
         => Configure(options => options.DisableScopeValidation = true);
 
@@ -1609,7 +1609,7 @@ public class OpenIddictServerBuilder
     /// are issued with a fixed expiration date: when they expire, a complete
     /// authorization flow must be started to retrieve a new refresh token.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder DisableSlidingRefreshTokenExpiration()
         => Configure(options => options.DisableSlidingRefreshTokenExpiration = true);
 
@@ -1621,7 +1621,7 @@ public class OpenIddictServerBuilder
     /// Note: disabling token storage requires disabling sliding
     /// expiration or enabling rolling tokens.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder DisableTokenStorage()
         => Configure(options => options.DisableTokenStorage = true);
 
@@ -1630,7 +1630,7 @@ public class OpenIddictServerBuilder
     /// depend on the OpenIddict core managers are disabled. This option MUST be enabled with extreme
     /// caution and custom handlers MUST be registered to properly validate OpenID Connect requests.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     [EditorBrowsable(EditorBrowsableState.Advanced)]
     public OpenIddictServerBuilder EnableDegradedMode()
         => Configure(options => options.EnableDegradedMode = true);
@@ -1638,28 +1638,28 @@ public class OpenIddictServerBuilder
     /// <summary>
     /// Disables endpoint permissions enforcement. Calling this method is NOT recommended.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder IgnoreEndpointPermissions()
         => Configure(options => options.IgnoreEndpointPermissions = true);
 
     /// <summary>
     /// Disables grant type permissions enforcement. Calling this method is NOT recommended.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder IgnoreGrantTypePermissions()
         => Configure(options => options.IgnoreGrantTypePermissions = true);
 
     /// <summary>
     /// Disables response type permissions enforcement. Calling this method is NOT recommended.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder IgnoreResponseTypePermissions()
         => Configure(options => options.IgnoreResponseTypePermissions = true);
 
     /// <summary>
     /// Disables scope permissions enforcement. Calling this method is NOT recommended.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder IgnoreScopePermissions()
         => Configure(options => options.IgnoreScopePermissions = true);
 
@@ -1668,7 +1668,7 @@ public class OpenIddictServerBuilder
     /// they can be returned as part of the discovery document.
     /// </summary>
     /// <param name="claims">The supported claims.</param>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder RegisterClaims(params string[] claims)
     {
         if (claims is null)
@@ -1689,7 +1689,7 @@ public class OpenIddictServerBuilder
     /// they can be returned as part of the discovery document.
     /// </summary>
     /// <param name="scopes">The supported scopes.</param>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder RegisterScopes(params string[] scopes)
     {
         if (scopes is null)
@@ -1710,7 +1710,7 @@ public class OpenIddictServerBuilder
     /// (PKCE) when requesting an authorization code (e.g when using the code or hybrid flows).
     /// When enforced, authorization requests that lack the code_challenge will be rejected.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder RequireProofKeyForCodeExchange()
         => Configure(options => options.RequireProofKeyForCodeExchange = true);
 
@@ -1722,7 +1722,7 @@ public class OpenIddictServerBuilder
     /// While discouraged, <see langword="null"/> can be specified to issue tokens that never expire.
     /// </summary>
     /// <param name="lifetime">The access token lifetime.</param>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder SetAccessTokenLifetime(TimeSpan? lifetime)
         => Configure(options => options.AccessTokenLifetime = lifetime);
 
@@ -1733,7 +1733,7 @@ public class OpenIddictServerBuilder
     /// While discouraged, <see langword="null"/> can be specified to issue codes that never expire.
     /// </summary>
     /// <param name="lifetime">The authorization code lifetime.</param>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder SetAuthorizationCodeLifetime(TimeSpan? lifetime)
         => Configure(options => options.AuthorizationCodeLifetime = lifetime);
 
@@ -1744,7 +1744,7 @@ public class OpenIddictServerBuilder
     /// While discouraged, <see langword="null"/> can be specified to issue codes that never expire.
     /// </summary>
     /// <param name="lifetime">The authorization code lifetime.</param>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder SetDeviceCodeLifetime(TimeSpan? lifetime)
         => Configure(options => options.DeviceCodeLifetime = lifetime);
 
@@ -1754,7 +1754,7 @@ public class OpenIddictServerBuilder
     /// While discouraged, <see langword="null"/> can be specified to issue tokens that never expire.
     /// </summary>
     /// <param name="lifetime">The identity token lifetime.</param>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder SetIdentityTokenLifetime(TimeSpan? lifetime)
         => Configure(options => options.IdentityTokenLifetime = lifetime);
 
@@ -1766,7 +1766,7 @@ public class OpenIddictServerBuilder
     /// While discouraged, <see langword="null"/> can be specified to issue tokens that never expire.
     /// </summary>
     /// <param name="lifetime">The refresh token lifetime.</param>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder SetRefreshTokenLifetime(TimeSpan? lifetime)
         => Configure(options => options.RefreshTokenLifetime = lifetime);
 
@@ -1775,7 +1775,7 @@ public class OpenIddictServerBuilder
     /// as redeemed can still be used to make concurrent refresh token requests.
     /// </summary>
     /// <param name="leeway">The refresh token reuse interval.</param>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder SetRefreshTokenReuseLeeway(TimeSpan? leeway)
         => Configure(options => options.RefreshTokenReuseLeeway = leeway);
 
@@ -1785,7 +1785,7 @@ public class OpenIddictServerBuilder
     /// While discouraged, <see langword="null"/> can be specified to issue codes that never expire.
     /// </summary>
     /// <param name="lifetime">The authorization code lifetime.</param>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder SetUserCodeLifetime(TimeSpan? lifetime)
         => Configure(options => options.UserCodeLifetime = lifetime);
 
@@ -1794,7 +1794,7 @@ public class OpenIddictServerBuilder
     /// for the endpoint URIs returned from the discovery endpoint.
     /// </summary>
     /// <param name="address">The issuer address.</param>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder SetIssuer(Uri address)
     {
         if (address is null)
@@ -1812,7 +1812,7 @@ public class OpenIddictServerBuilder
     /// but it is RECOMMENDED to enable column encryption in the database or use the ASP.NET Core
     /// Data Protection integration, that provides additional protection against token leakage.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder UseReferenceAccessTokens()
         => Configure(options => options.UseReferenceAccessTokens = true);
 
@@ -1823,7 +1823,7 @@ public class OpenIddictServerBuilder
     /// but it is RECOMMENDED to enable column encryption in the database or use the ASP.NET Core
     /// Data Protection integration, that provides additional protection against token leakage.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public OpenIddictServerBuilder UseReferenceRefreshTokens()
         => Configure(options => options.UseReferenceRefreshTokens = true);
 

src/OpenIddict.Server/OpenIddictServerExtensions.cs

@@ -21,7 +21,7 @@ public static class OpenIddictServerExtensions
     /// </summary>
     /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
     public static OpenIddictServerBuilder AddServer(this OpenIddictBuilder builder)
     {
         if (builder is null)
@@ -94,7 +94,7 @@ public static class OpenIddictServerExtensions
     /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
     /// <param name="configuration">The configuration delegate used to configure the server services.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictBuilder"/> instance.</returns>
     public static OpenIddictBuilder AddServer(this OpenIddictBuilder builder, Action<OpenIddictServerBuilder> configuration)
     {
         if (builder is null)

src/OpenIddict.Validation.AspNetCore/OpenIddictValidationAspNetCoreBuilder.cs

@@ -33,7 +33,7 @@ public class OpenIddictValidationAspNetCoreBuilder
     /// </summary>
     /// <param name="configuration">The delegate used to configure the OpenIddict options.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictValidationAspNetCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictValidationAspNetCoreBuilder"/> instance.</returns>
     public OpenIddictValidationAspNetCoreBuilder Configure(Action<OpenIddictValidationAspNetCoreOptions> configuration)
     {
         if (configuration is null)
@@ -50,7 +50,7 @@ public class OpenIddictValidationAspNetCoreBuilder
     /// Sets the realm returned to the caller as part of the WWW-Authenticate header.
     /// </summary>
     /// <param name="realm">The issuer address.</param>
-    /// <returns>The <see cref="OpenIddictValidationAspNetCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictValidationAspNetCoreBuilder"/> instance.</returns>
     public OpenIddictValidationAspNetCoreBuilder SetRealm(string realm)
     {
         if (string.IsNullOrEmpty(realm))

src/OpenIddict.Validation.AspNetCore/OpenIddictValidationAspNetCoreExtensions.cs

@@ -21,7 +21,7 @@ public static class OpenIddictValidationAspNetCoreExtensions
     /// </summary>
     /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictValidationAspNetCoreBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictValidationAspNetCoreBuilder"/> instance.</returns>
     public static OpenIddictValidationAspNetCoreBuilder UseAspNetCore(this OpenIddictValidationBuilder builder)
     {
         if (builder is null)
@@ -59,7 +59,7 @@ public static class OpenIddictValidationAspNetCoreExtensions
     /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
     /// <param name="configuration">The configuration delegate used to configure the validation services.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictValidationBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictValidationBuilder"/> instance.</returns>
     public static OpenIddictValidationBuilder UseAspNetCore(
         this OpenIddictValidationBuilder builder, Action<OpenIddictValidationAspNetCoreBuilder> configuration)
     {

src/OpenIddict.Validation.DataProtection/OpenIddictValidationDataProtectionBuilder.cs

@@ -34,7 +34,7 @@ public class OpenIddictValidationDataProtectionBuilder
     /// </summary>
     /// <param name="configuration">The delegate used to configure the OpenIddict options.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictValidationDataProtectionBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictValidationDataProtectionBuilder"/> instance.</returns>
     public OpenIddictValidationDataProtectionBuilder Configure(Action<OpenIddictValidationDataProtectionOptions> configuration)
     {
         if (configuration is null)
@@ -52,7 +52,7 @@ public class OpenIddictValidationDataProtectionBuilder
     /// instead of relying on the default instance provided by the DI container.
     /// </summary>
     /// <param name="provider">The data protection provider used to create token protectors.</param>
-    /// <returns>The <see cref="OpenIddictValidationDataProtectionBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictValidationDataProtectionBuilder"/> instance.</returns>
     public OpenIddictValidationDataProtectionBuilder UseDataProtectionProvider(IDataProtectionProvider provider)
     {
         if (provider is null)
@@ -67,7 +67,7 @@ public class OpenIddictValidationDataProtectionBuilder
     /// Configures OpenIddict to use a specific formatter instead of relying on the default instance.
     /// </summary>
     /// <param name="formatter">The formatter used to read tokens.</param>
-    /// <returns>The <see cref="OpenIddictValidationDataProtectionBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictValidationDataProtectionBuilder"/> instance.</returns>
     public OpenIddictValidationDataProtectionBuilder UseFormatter(IOpenIddictValidationDataProtectionFormatter formatter)
     {
         if (formatter is null)

src/OpenIddict.Validation.DataProtection/OpenIddictValidationDataProtectionExtensions.cs

@@ -21,7 +21,7 @@ public static class OpenIddictValidationDataProtectionExtensions
     /// </summary>
     /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictValidationBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictValidationBuilder"/> instance.</returns>
     public static OpenIddictValidationDataProtectionBuilder UseDataProtection(this OpenIddictValidationBuilder builder)
     {
         if (builder is null)
@@ -51,7 +51,7 @@ public static class OpenIddictValidationDataProtectionExtensions
     /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
     /// <param name="configuration">The configuration delegate used to configure the validation services.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictValidationBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictValidationBuilder"/> instance.</returns>
     public static OpenIddictValidationBuilder UseDataProtection(
         this OpenIddictValidationBuilder builder, Action<OpenIddictValidationDataProtectionBuilder> configuration)
     {

src/OpenIddict.Validation.Owin/OpenIddictValidationOwinBuilder.cs

@@ -33,7 +33,7 @@ public class OpenIddictValidationOwinBuilder
     /// </summary>
     /// <param name="configuration">The delegate used to configure the OpenIddict options.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictValidationOwinBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictValidationOwinBuilder"/> instance.</returns>
     public OpenIddictValidationOwinBuilder Configure(Action<OpenIddictValidationOwinOptions> configuration)
     {
         if (configuration is null)
@@ -57,7 +57,7 @@ public class OpenIddictValidationOwinBuilder
     /// authentication middleware configured to use active authentication, as both middleware
     /// will be invoked when handling 401 responses, which will result in invalid responses.
     /// </remarks>
-    /// <returns>The <see cref="OpenIddictValidationOwinBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictValidationOwinBuilder"/> instance.</returns>
     public OpenIddictValidationOwinBuilder UseActiveAuthentication()
         => Configure(options => options.AuthenticationMode = AuthenticationMode.Active);
 
@@ -65,7 +65,7 @@ public class OpenIddictValidationOwinBuilder
     /// Sets the realm returned to the caller as part of the WWW-Authenticate header.
     /// </summary>
     /// <param name="realm">The issuer address.</param>
-    /// <returns>The <see cref="OpenIddictValidationOwinBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictValidationOwinBuilder"/> instance.</returns>
     public OpenIddictValidationOwinBuilder SetRealm(string realm)
     {
         if (string.IsNullOrEmpty(realm))

src/OpenIddict.Validation.Owin/OpenIddictValidationOwinExtensions.cs

@@ -21,7 +21,7 @@ public static class OpenIddictValidationOwinExtensions
     /// </summary>
     /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictValidationOwinBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictValidationOwinBuilder"/> instance.</returns>
     public static OpenIddictValidationOwinBuilder UseOwin(this OpenIddictValidationBuilder builder)
     {
         if (builder is null)
@@ -57,7 +57,7 @@ public static class OpenIddictValidationOwinExtensions
     /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
     /// <param name="configuration">The configuration delegate used to configure the validation services.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictValidationBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictValidationBuilder"/> instance.</returns>
     public static OpenIddictValidationBuilder UseOwin(
         this OpenIddictValidationBuilder builder, Action<OpenIddictValidationOwinBuilder> configuration)
     {

src/OpenIddict.Validation.Owin/OpenIddictValidationOwinHelpers.cs

@@ -20,7 +20,7 @@ public static class OpenIddictValidationOwinHelpers
     /// middleware resolution (like Autofac), calling this method is NOT recommended.
     /// </summary>
     /// <param name="app">The application builder used to register middleware instances.</param>
-    /// <returns>The <see cref="IAppBuilder"/>.</returns>
+    /// <returns>The <see cref="IAppBuilder"/> instance.</returns>
     public static IAppBuilder UseOpenIddictValidation(this IAppBuilder app)
     {
         if (app is null)

src/OpenIddict.Validation.ServerIntegration/OpenIddictValidationServerIntegrationBuilder.cs

@@ -32,7 +32,7 @@ public class OpenIddictValidationServerIntegrationBuilder
     /// </summary>
     /// <param name="configuration">The delegate used to configure the OpenIddict options.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictValidationServerIntegrationBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictValidationServerIntegrationBuilder"/> instance.</returns>
     public OpenIddictValidationServerIntegrationBuilder Configure(Action<OpenIddictValidationServerIntegrationOptions> configuration)
     {
         if (configuration is null)

src/OpenIddict.Validation.ServerIntegration/OpenIddictValidationServerIntegrationExtensions.cs

@@ -22,7 +22,7 @@ public static class OpenIddictValidationServerIntegrationExtensions
     /// </summary>
     /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictValidationServerIntegrationBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictValidationServerIntegrationBuilder"/> instance.</returns>
     public static OpenIddictValidationServerIntegrationBuilder UseLocalServer(this OpenIddictValidationBuilder builder)
     {
         if (builder is null)
@@ -47,7 +47,7 @@ public static class OpenIddictValidationServerIntegrationExtensions
     /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
     /// <param name="configuration">The configuration delegate used to configure the validation services.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictValidationBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictValidationBuilder"/> instance.</returns>
     public static OpenIddictValidationBuilder UseLocalServer(
         this OpenIddictValidationBuilder builder, Action<OpenIddictValidationServerIntegrationBuilder> configuration)
     {

src/OpenIddict.Validation.SystemNetHttp/OpenIddictValidationSystemNetHttpBuilder.cs

@@ -35,7 +35,7 @@ public class OpenIddictValidationSystemNetHttpBuilder
     /// </summary>
     /// <param name="configuration">The delegate used to configure the OpenIddict options.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictValidationSystemNetHttpBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictValidationSystemNetHttpBuilder"/> instance.</returns>
     public OpenIddictValidationSystemNetHttpBuilder Configure(Action<OpenIddictValidationSystemNetHttpOptions> configuration)
     {
         if (configuration is null)
@@ -52,7 +52,7 @@ public class OpenIddictValidationSystemNetHttpBuilder
     /// Replaces the default HTTP error policy used by the OpenIddict client services.
     /// </summary>
     /// <param name="policy">The HTTP Polly error policy.</param>
-    /// <returns>The <see cref="OpenIddictValidationSystemNetHttpBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictValidationSystemNetHttpBuilder"/> instance.</returns>
     public OpenIddictValidationSystemNetHttpBuilder SetHttpErrorPolicy(IAsyncPolicy<HttpResponseMessage> policy)
     {
         if (policy is null)
@@ -68,7 +68,7 @@ public class OpenIddictValidationSystemNetHttpBuilder
     /// to the backchannel HTTP requests sent to the authorization server.
     /// </summary>
     /// <param name="information">The product information.</param>
-    /// <returns>The <see cref="OpenIddictValidationSystemNetHttpBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictValidationSystemNetHttpBuilder"/> instance.</returns>
     public OpenIddictValidationSystemNetHttpBuilder SetProductInformation(ProductInfoHeaderValue information)
     {
         if (information is null)
@@ -85,7 +85,7 @@ public class OpenIddictValidationSystemNetHttpBuilder
     /// </summary>
     /// <param name="name">The product name.</param>
     /// <param name="version">The product version.</param>
-    /// <returns>The <see cref="OpenIddictValidationSystemNetHttpBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictValidationSystemNetHttpBuilder"/> instance.</returns>
     public OpenIddictValidationSystemNetHttpBuilder SetProductInformation(string name, string? version)
     {
         if (string.IsNullOrEmpty(name))
@@ -102,7 +102,7 @@ public class OpenIddictValidationSystemNetHttpBuilder
     /// on the identity of the specified .NET assembly (name and version).
     /// </summary>
     /// <param name="assembly">The assembly from which the product information is created.</param>
-    /// <returns>The <see cref="OpenIddictValidationSystemNetHttpBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictValidationSystemNetHttpBuilder"/> instance.</returns>
     public OpenIddictValidationSystemNetHttpBuilder SetProductInformation(Assembly assembly)
     {
         if (assembly is null)

src/OpenIddict.Validation.SystemNetHttp/OpenIddictValidationSystemNetHttpExtensions.cs

@@ -22,7 +22,7 @@ public static class OpenIddictValidationSystemNetHttpExtensions
     /// </summary>
     /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictValidationBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictValidationBuilder"/> instance.</returns>
     public static OpenIddictValidationSystemNetHttpBuilder UseSystemNetHttp(this OpenIddictValidationBuilder builder)
     {
         if (builder is null)
@@ -55,7 +55,7 @@ public static class OpenIddictValidationSystemNetHttpExtensions
     /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
     /// <param name="configuration">The configuration delegate used to configure the validation services.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictBuilder"/> instance.</returns>
     public static OpenIddictValidationBuilder UseSystemNetHttp(
         this OpenIddictValidationBuilder builder, Action<OpenIddictValidationSystemNetHttpBuilder> configuration)
     {

src/OpenIddict.Validation/OpenIddictValidationBuilder.cs

@@ -38,7 +38,7 @@ public class OpenIddictValidationBuilder
     /// </summary>
     /// <typeparam name="TContext">The event context type.</typeparam>
     /// <param name="configuration">The configuration delegate.</param>
-    /// <returns>The <see cref="OpenIddictValidationBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictValidationBuilder"/> instance.</returns>
     [EditorBrowsable(EditorBrowsableState.Advanced)]
     public OpenIddictValidationBuilder AddEventHandler<TContext>(
         Action<OpenIddictValidationHandlerDescriptor.Builder<TContext>> configuration)
@@ -62,7 +62,7 @@ public class OpenIddictValidationBuilder
     /// Registers an event handler using the specified descriptor.
     /// </summary>
     /// <param name="descriptor">The handler descriptor.</param>
-    /// <returns>The <see cref="OpenIddictValidationBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictValidationBuilder"/> instance.</returns>
     [EditorBrowsable(EditorBrowsableState.Advanced)]
     public OpenIddictValidationBuilder AddEventHandler(OpenIddictValidationHandlerDescriptor descriptor)
     {
@@ -81,7 +81,7 @@ public class OpenIddictValidationBuilder
     /// Removes the event handler that matches the specified descriptor.
     /// </summary>
     /// <param name="descriptor">The descriptor corresponding to the handler to remove.</param>
-    /// <returns>The <see cref="OpenIddictValidationBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictValidationBuilder"/> instance.</returns>
     [EditorBrowsable(EditorBrowsableState.Advanced)]
     public OpenIddictValidationBuilder RemoveEventHandler(OpenIddictValidationHandlerDescriptor descriptor)
     {
@@ -111,7 +111,7 @@ public class OpenIddictValidationBuilder
     /// </summary>
     /// <param name="configuration">The delegate used to configure the OpenIddict options.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictValidationBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictValidationBuilder"/> instance.</returns>
     public OpenIddictValidationBuilder Configure(Action<OpenIddictValidationOptions> configuration)
     {
         if (configuration is null)
@@ -128,7 +128,7 @@ public class OpenIddictValidationBuilder
     /// Registers encryption credentials.
     /// </summary>
     /// <param name="credentials">The encrypting credentials.</param>
-    /// <returns>The <see cref="OpenIddictValidationBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictValidationBuilder"/> instance.</returns>
     public OpenIddictValidationBuilder AddEncryptionCredentials(EncryptingCredentials credentials)
     {
         if (credentials is null)
@@ -143,7 +143,7 @@ public class OpenIddictValidationBuilder
     /// Registers an encryption key.
     /// </summary>
     /// <param name="key">The security key.</param>
-    /// <returns>The <see cref="OpenIddictValidationBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictValidationBuilder"/> instance.</returns>
     public OpenIddictValidationBuilder AddEncryptionKey(SecurityKey key)
     {
         if (key is null)
@@ -177,7 +177,7 @@ public class OpenIddictValidationBuilder
     /// Registers an encryption certificate.
     /// </summary>
     /// <param name="certificate">The encryption certificate.</param>
-    /// <returns>The <see cref="OpenIddictValidationBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictValidationBuilder"/> instance.</returns>
     public OpenIddictValidationBuilder AddEncryptionCertificate(X509Certificate2 certificate)
     {
         if (certificate is null)
@@ -210,7 +210,7 @@ public class OpenIddictValidationBuilder
     /// <param name="assembly">The assembly containing the certificate.</param>
     /// <param name="resource">The name of the embedded resource.</param>
     /// <param name="password">The password used to open the certificate.</param>
-    /// <returns>The <see cref="OpenIddictValidationBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictValidationBuilder"/> instance.</returns>
     public OpenIddictValidationBuilder AddEncryptionCertificate(
         Assembly assembly, string resource, string? password)
 #if SUPPORTS_EPHEMERAL_KEY_SETS
@@ -229,7 +229,7 @@ public class OpenIddictValidationBuilder
     /// <param name="resource">The name of the embedded resource.</param>
     /// <param name="password">The password used to open the certificate.</param>
     /// <param name="flags">An enumeration of flags indicating how and where to store the private key of the certificate.</param>
-    /// <returns>The <see cref="OpenIddictValidationBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictValidationBuilder"/> instance.</returns>
     public OpenIddictValidationBuilder AddEncryptionCertificate(
         Assembly assembly, string resource,
         string? password, X509KeyStorageFlags flags)
@@ -255,7 +255,7 @@ public class OpenIddictValidationBuilder
     /// </summary>
     /// <param name="stream">The stream containing the certificate.</param>
     /// <param name="password">The password used to open the certificate.</param>
-    /// <returns>The <see cref="OpenIddictValidationBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictValidationBuilder"/> instance.</returns>
     public OpenIddictValidationBuilder AddEncryptionCertificate(Stream stream, string? password)
 #if SUPPORTS_EPHEMERAL_KEY_SETS
         // Note: ephemeral key sets are currently not supported on macOS.
@@ -275,7 +275,7 @@ public class OpenIddictValidationBuilder
     /// An enumeration of flags indicating how and where
     /// to store the private key of the certificate.
     /// </param>
-    /// <returns>The <see cref="OpenIddictValidationBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictValidationBuilder"/> instance.</returns>
     [SuppressMessage("Reliability", "CA2000:Dispose objects before losing scope",
         Justification = "The X.509 certificate is attached to the server options.")]
     public OpenIddictValidationBuilder AddEncryptionCertificate(
@@ -296,7 +296,7 @@ public class OpenIddictValidationBuilder
     /// Registers an encryption certificate retrieved from the X.509 user or machine store.
     /// </summary>
     /// <param name="thumbprint">The thumbprint of the certificate used to identify it in the X.509 store.</param>
-    /// <returns>The <see cref="OpenIddictValidationBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictValidationBuilder"/> instance.</returns>
     public OpenIddictValidationBuilder AddEncryptionCertificate(string thumbprint)
     {
         if (string.IsNullOrEmpty(thumbprint))
@@ -326,7 +326,7 @@ public class OpenIddictValidationBuilder
     /// <param name="thumbprint">The thumbprint of the certificate used to identify it in the X.509 store.</param>
     /// <param name="name">The name of the X.509 store.</param>
     /// <param name="location">The location of the X.509 store.</param>
-    /// <returns>The <see cref="OpenIddictValidationBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictValidationBuilder"/> instance.</returns>
     public OpenIddictValidationBuilder AddEncryptionCertificate(
         string thumbprint, StoreName name, StoreLocation location)
     {
@@ -350,7 +350,7 @@ public class OpenIddictValidationBuilder
     /// when the authorization server issues access tokens for multiple distinct resource servers.
     /// </summary>
     /// <param name="audiences">The audiences valid for this resource server.</param>
-    /// <returns>The <see cref="OpenIddictValidationBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictValidationBuilder"/> instance.</returns>
     public OpenIddictValidationBuilder AddAudiences(params string[] audiences)
     {
         if (audiences is null)
@@ -372,7 +372,7 @@ public class OpenIddictValidationBuilder
     /// Note: enabling this option may have an impact on performance and
     /// can only be used with an OpenIddict-based authorization server.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictValidationBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictValidationBuilder"/> instance.</returns>
     public OpenIddictValidationBuilder EnableAuthorizationEntryValidation()
         => Configure(options => options.EnableAuthorizationEntryValidation = true);
 
@@ -382,7 +382,7 @@ public class OpenIddictValidationBuilder
     /// Note: enabling this option may have an impact on performance but is required
     /// when the OpenIddict server is configured to use reference tokens.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictValidationBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictValidationBuilder"/> instance.</returns>
     public OpenIddictValidationBuilder EnableTokenEntryValidation()
         => Configure(options => options.EnableTokenEntryValidation = true);
 
@@ -391,7 +391,7 @@ public class OpenIddictValidationBuilder
     /// resolve the metadata/introspection endpoints and the issuer signing keys.
     /// </summary>
     /// <param name="configuration">The server configuration.</param>
-    /// <returns>The <see cref="OpenIddictValidationBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictValidationBuilder"/> instance.</returns>
     public OpenIddictValidationBuilder SetConfiguration(OpenIddictConfiguration configuration)
     {
         if (configuration is null)
@@ -407,7 +407,7 @@ public class OpenIddictValidationBuilder
     /// with the remote authorization server (e.g for introspection).
     /// </summary>
     /// <param name="identifier">The client identifier.</param>
-    /// <returns>The <see cref="OpenIddictValidationBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictValidationBuilder"/> instance.</returns>
     public OpenIddictValidationBuilder SetClientId(string identifier)
     {
         if (string.IsNullOrEmpty(identifier))
@@ -423,7 +423,7 @@ public class OpenIddictValidationBuilder
     /// with the remote authorization server (e.g for introspection).
     /// </summary>
     /// <param name="secret">The client secret.</param>
-    /// <returns>The <see cref="OpenIddictValidationBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictValidationBuilder"/> instance.</returns>
     public OpenIddictValidationBuilder SetClientSecret(string secret)
     {
         if (string.IsNullOrEmpty(secret))
@@ -439,7 +439,7 @@ public class OpenIddictValidationBuilder
     /// OAuth 2.0/OpenID Connect configuration document when using provider discovery.
     /// </summary>
     /// <param name="address">The issuer address.</param>
-    /// <returns>The <see cref="OpenIddictValidationBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictValidationBuilder"/> instance.</returns>
     public OpenIddictValidationBuilder SetIssuer(Uri address)
     {
         if (address is null)
@@ -455,7 +455,7 @@ public class OpenIddictValidationBuilder
     /// OAuth 2.0/OpenID Connect configuration document when using provider discovery.
     /// </summary>
     /// <param name="address">The issuer address.</param>
-    /// <returns>The <see cref="OpenIddictValidationBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictValidationBuilder"/> instance.</returns>
     public OpenIddictValidationBuilder SetIssuer(string address)
     {
         if (string.IsNullOrEmpty(address))
@@ -474,7 +474,7 @@ public class OpenIddictValidationBuilder
     /// <summary>
     /// Configures OpenIddict to use introspection instead of local/direct validation.
     /// </summary>
-    /// <returns>The <see cref="OpenIddictValidationBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictValidationBuilder"/> instance.</returns>
     public OpenIddictValidationBuilder UseIntrospection()
         => Configure(options => options.ValidationType = OpenIddictValidationType.Introspection);
 

src/OpenIddict.Validation/OpenIddictValidationExtensions.cs

@@ -21,7 +21,7 @@ public static class OpenIddictValidationExtensions
     /// </summary>
     /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictValidationBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictValidationBuilder"/> instance.</returns>
     public static OpenIddictValidationBuilder AddValidation(this OpenIddictBuilder builder)
     {
         if (builder is null)
@@ -61,7 +61,7 @@ public static class OpenIddictValidationExtensions
     /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
     /// <param name="configuration">The configuration delegate used to configure the validation services.</param>
     /// <remarks>This extension can be safely called multiple times.</remarks>
-    /// <returns>The <see cref="OpenIddictBuilder"/>.</returns>
+    /// <returns>The <see cref="OpenIddictBuilder"/> instance.</returns>
     public static OpenIddictBuilder AddValidation(
         this OpenIddictBuilder builder,
         Action<OpenIddictValidationBuilder> configuration)