Starting with v2 of identity server, the core engine and protocol implementations are separately available as a Nuget package.
This allows re-hosting the core STS logic or the protocol endpoints inside your own applications. As a proof of concept, the github repo contains a bare-bones in-memory hosting sample. Let’s have a quick look.
The sample allows creating security tokens for a specified user and a specified realm in the specified token type. Under the covers this is the the full fledged token service pipeline of identity server including global configuration, key material, relying parties registration and claims repository.
1. Adding the Nuget Package
Add the Thinktecture.IdentityServer.Core Nuget package to your solution.
2. Implement the necessary classes for your host
You could either use the same databases from the standard web host version of IdSrv, or you provide your own implementations of configuration etc… In this sample everything is implemented in memory.
3. Call the IdSrv API
You can now start working with low-level classes like TokenService or TokenServiceConfiguration – or you use one of the easier to use helper classes like STS or AuthenticationHelper.
You basically need three pieces of information:
- a principal
- a realm
- a token type
..and get back a SecurityToken.
var sts = new STS();
var success = sts.TryIssueToken(
That was just-in-time… Thanks Dominick! Just today I was trying to implement something like this in a szenario where you could configure the application to run as a thin client using WCF or as a fat client where I need to use the STS in memory. Great work!
Is there a sample available for self-hosting your STS and accessing it from a WPF client in the mean time?
Yep – see here: https://github.com/thinktecture/Thinktecture.IdentityServer.v2/wiki
I was wondering if this IdvSrv2 is covered under “Microsoft Public License (Ms-PL)” or some other arrangement?
Is there a code sample for a .NET web application using Forms Authentication, and one using ASP.NET membership?