.net core identity server 4 api客户端不断重复401未经授权

我有3个不同的项目

身份服务器

Api服务器（负责为客户端提供Api）

客户端服务器（负责表示）

为了制作一个安全的webapp，我决定使用identity server。我的身份配置如下

public static class Config
{
    public static IEnumerable<IdentityResource> IdentityResources =>
        new IdentityResource[]
        {
            new IdentityResources.OpenId(),
            new IdentityResources.Profile()
        };

    public static IEnumerable<ApiResource> ApiResources =>
        new ApiResource[]
        {
            new ApiResource(name: "web-api-rms", displayName: "Web API RMS")
        };

    public static IEnumerable<ApiScope> ApiScopes =>
        new ApiScope[]
        {
            new ApiScope("web-rms"),
            new ApiScope("web-api-rms"),
        };

    public static IEnumerable<Client> Clients =>
        new Client[]
        {
            new Client
            {
                ClientId = "web-rms",
                ClientSecrets = { new Secret("49C1A7E1-0C79-4A89-A3D6-A37998FB86B0".Sha256()) },

                AllowedGrantTypes = GrantTypes.Code,

                RedirectUris = { "http://localhost:1901/signin-oidc" },
                FrontChannelLogoutUri = "http://localhost:1901/signout-oidc",
                PostLogoutRedirectUris = { "http://localhost:1901/signout-callback-oidc" },

                AllowOfflineAccess = true,
                AllowedScopes = { "openid", "profile", "web-rms", "web-api-rms" }
            }
        };
}
}

services.AddAuthentication("Bearer")
                    .AddJwtBearer("Bearer", options =>
                    {
                        options.Authority = "https://localhost:5001/";
                        options.RequireHttpsMetadata = true;
                        options.Audience = "web-api-rms";
                    });

现在的问题是，每当我尝试使用承载令牌访问API时，它总是返回一个未经授权的消息

---

我如何解决它？？？

API中的日志说明了什么？我找到了答案。我只是忘了在ApiResources上添加作用域