要回答您的问题:

1)毫无疑问，您的WebApi 2.2项目使用的是ASP.NET 4.x中的OWIN/Katana，这意味着您应该使用IdentityServer3.AccessTokenValidation. IdentityServer4.AccessTokenValidation与新的ASP.NET MVC Core管道兼容.

1) Your WebApi 2.2 project is undoubtedly using OWIN/Katana from ASP.NET 4.x which means you should to use IdentityServer3.AccessTokenValidation. IdentityServer4.AccessTokenValidation is compatible with the new ASP.NET MVC Core pipeline.

2)您可以通过访问{IdentityUrl}/.well-known/openid-configuration上的身份提供者发现文档来获得授权.授权应与发现文档中的发行者"值相同.您还可以通过查看身份提供者发出的JWT(通过查看"iss"声明)来获得授权.

2) You can get your authority by going to your identity providers discovery document at {IdentityUrl}/.well-known/openid-configuration. The authority should be the same one as the "issuer" value in the discovery document. You can also get the authority by looking at a JWT issued by your identity provider by looking at the "iss" claim.