Channel: leastprivilege.com
Browsing all 51 articles

SAML2p Identity Provider Support for IdentityServer4

One very common feature request is support for acting as a SAML2p identity provider. This is not a trivial task, but our friends at Rock Solid Knowledge were working hard, and now published a beta...

Templates for IdentityServer4 v2

I finally found the time to update the templates for IdentityServer4 to version 2. You can find the source code and instructions here. To be honest, I didn’t have time to research more advanced...

Using iOS11 SFAuthenticationSession with IdentityModel.OidcClient

Starting with iOS 11, there’s a special system service for browser-based authentication called SFAuthenticationSession. This is the recommended approach for OpenID Connect and OAuth 2 native iOS...

End of IdentityServer3 Maintenance

Yesterday we made the decision to stop development and maintenance of IdentityServer3. This has a couple of reasons: IdentityServer4 is the better OpenID Connect and OAuth 2 implementation in every...

Missing Claims in the ASP.NET Core 2 OpenID Connect Handler?

The new OpenID Connect handler in ASP.NET Core 2 has a different (aka breaking) behavior when it comes to mapping claims from an OIDC provider to the resulting ClaimsPrincipal. This is especially...

Updated Templates for IdentityServer4

We finally found the time to put more work into our templates.
dotnet new is4empty: Creates a minimal IdentityServer4 project without a UI.
dotnet new is4ui: Adds the quickstart UI to the current project...

Sponsoring IdentityServer

Brock and I have been working on free identity & access control related libraries since 2009. This all started as a hobby project, and I can very well remember the day when I said to Brock that we...

NDC London 2018: IdentityServer Update

We are at NDC in London right now and are about to start our session “IdentityServer4 v2 on ASP.NET Core v2 – an Update”. For those who can’t be here – you can find my slides on Speakerdeck. There will...

Announcing PolicyServer

Over the course of the last years Brock, Michele and I have all been actively designing and implementing identity solutions for customers of all sizes and industries. Solutions range from simple to...

Native OIDC client sample for Windows that uses custom URI scheme handler

brockallen Since the release of our IdentityModel.OidcClient client library we have had iOS and Android samples for using the system browser to allow a user to authenticate with the token server....

NDC London 2018 Artefacts

“IdentityServer v2 on ASP.NET Core v2: An update” (video); “Authorization is hard! (aka the PolicyServer announcement)” (video); DotNetRocks interview (audio)

The State of HttpClient and .NET Multi-Targeting

IdentityModel is a library that uses HttpClient internally – it should also run on all recent versions of the .NET Framework and .NET Core. HttpClient is sometimes “built-in”, e.g. in the .NET...

Improvements in Claim Mapping in the ASP.NET Core 2.1 OpenID Connect Handler

Here I described the various layers of claim mappings going on when doing OpenID Connect with ASP.NET Core. Based on our feedback, the ASP.NET team added another mapping option to reduce the amount of...

Mixing UI and API Endpoints in ASP.NET Core 2.1 (aka Dynamic Scheme Selection)

Some people like to co-locate UI and API endpoints in the same application. I generally prefer to keep them separate, but I acknowledge that certain architecture styles make this conscious decision....

Making the IdentityModel Client Libraries HttpClientFactory friendly

IdentityModel has a number of protocol client libraries, e.g. for requesting, refreshing, revoking and introspecting OAuth 2 tokens as well as a client and cache for the OpenID Connect discovery...

IdentityManager2

brockallen In 2014 I developed and released the first version of IdentityManager. The intent was to provide a simple, self-contained administrative tool for managing users in your ASP.NET Identity or...

Beware the combined authorize filter mechanics in ASP.NET Core 2.1

brockallen In ASP.NET Core 2.1 one of the security changes was related to how authorization filters work. In essence the filters are now combined, whereas previously they were not. This change in...

What happened in 2018?

2018 has been really busy. We worked on a lot of different things, and I just realized that I only wrote eight blog posts in total. I decided to block December to catch up on many work and non-work...

Automatic OAuth 2.0 Token Management in ASP.NET Core

As part of the recent discussions around how to build clients for OpenID Connect and OAuth 2.0 based systems (see e.g. Brock’s post here), we substantially updated our workshop and supporting...

An alternative way to secure SPAs (with ASP.NET Core, OpenID Connect, OAuth...

You might have noticed the recent public discussions around how to securely build SPAs – and especially about the “weak security properties” of the OAuth 2.0 Implicit Flow. Brock has written up a good...
