Embedding Thinktecture IdentityServer in your own Applications

Starting with v2 of identity server, the core engine and protocol implementations are separately available as a Nuget package.

This allows re-hosting the core STS logic or the protocol endpoints inside your own applications. As a proof of concept, the github repo contains a bare-bones in-memory hosting sample. Let’s have a quick look.

28-12-2012 20-28-27

The sample allows creating security tokens for a specified user and a specified realm in the specified token type. Under the covers this is the the full fledged token service pipeline of identity server including global configuration, key material, relying parties registration and claims repository.

1. Adding the Nuget Package
Add the Thinktecture.IdentityServer.Core Nuget package to your solution.

2. Implement the necessary classes for your host
You could either use the same databases from the standard web host version of IdSrv, or you provide your own implementations of configuration etc… In this sample everything is implemented in memory.

28-12-2012 20-59-50

3. Call the IdSrv API
You can now start working with low-level classes like TokenService or TokenServiceConfiguration – or you use one of the easier to use helper classes like STS or AuthenticationHelper.

You basically need three pieces of information:

  • a principal
  • a realm
  • a token type

..and get back a SecurityToken.

var sts = new STS();

SecurityToken token;


var success = sts.TryIssueToken(

    new EndpointReference(Realm.Text),



    out token);


Have fun!

This entry was posted in IdentityServer. Bookmark the permalink.

6 Responses to Embedding Thinktecture IdentityServer in your own Applications

  1. That was just-in-time… Thanks Dominick! Just today I was trying to implement something like this in a szenario where you could configure the application to run as a thin client using WCF or as a fat client where I need to use the STS in memory. Great work!

  2. Hi Dominick,
    Is there a sample available for self-hosting your STS and accessing it from a WPF client in the mean time?

  3. John Handy says:

    I was wondering if this IdvSrv2 is covered under “Microsoft Public License (Ms-PL)” or some other arrangement?

  4. Sanjay Padhye says:

    Hi Dominick,
    Is there a code sample for a .NET web application using Forms Authentication, and one using ASP.NET membership?

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s