Author Archives: Dominick Baier

Announcing Thinktecture IdentityServer v3 – Beta 1

It’s done – and I am happy (and a bit exhausted) – a few minutes ago I closed the last open issue for Beta 1. What’s new It’s been 424 commits since we released Preview 1 – so there is … Continue reading

Posted in .NET Security, ASP.NET, IdentityServer, Katana, OAuth, OpenID Connect, OWIN, Uncategorized, WebAPI | 9 Comments

NDC London: Identity and Access Control for modern Web Applications and APIs

I am happy to announce that NDC will host our new workshop in London in December! Join us to learn everything that is important to secure modern web applications and APIs using Microsoft’s current and future web stack! Looking forward … Continue reading

Posted in .NET Security, ASP.NET, IdentityModel, IdentityServer, Katana, OAuth, OpenID Connect, OWIN, WebAPI | 1 Comment

Updated IdentityServer v3 Roadmap (and Refresh Tokens)

Brock and I have been pretty busy the last months and we did not find as much time to work on IdentityServer as we wanted. So we have updated our milestones on github and are currently planning a Beta 1 for … Continue reading

Posted in ASP.NET, IdentityServer, OAuth, OpenID Connect, WebAPI | 6 Comments

Resource/Action based Authorization for OWIN (and MVC and Web API)

Authorization is hard – much harder than authentication because it is so application specific. Microsoft went through several iterations of authorization plumbing in .NET, e.g. PrincipalPermission, IsInRole, Authorization configuration element and AuthorizeAttribute. All of the above are horrible approaches and … Continue reading

Posted in ASP.NET, IdentityModel, Katana, OWIN, WebAPI | 6 Comments

Using Discovery and Katana Middleware to write an OpenID Connect Web Client

In the last post I showed how to write an OIDC web client from scratch – this requires to have knowledge of certain configuration parameters of the OIDC provider, e.g.: the URL of the authorize endpoint (and logout endoint) the … Continue reading

Posted in IdentityServer, Katana, OpenID Connect, OWIN | 7 Comments

DotNetRocks on OpenID Connect with Brock and Me

Recorded at NDC Oslo: http://www.dotnetrocks.com/default.aspx?ShowNum=993

Posted in Conferences & Training, IdentityServer, OAuth, OpenID Connect, OWIN, WebAPI | 5 Comments

Writing an OpenID Connect Web Client from Scratch

OIDC is supposed to make things easier, so I thought it would be a good exercise to write a web application that uses OIDC to authenticate users – but without using any OIDC specific libraries. I chose to use the … Continue reading

Posted in Uncategorized | 15 Comments