Monthly Archives: July 2013

Two days of Claims-based Identity & Access Control Workshop in London

Great news! The London edition of the NDC conference has pre-con workshops and Jakob invited us to hold our claims-based identity & access control workshop there. This is the first time Brock and I are teaching the workshop together, and … Continue reading

Posted in .NET Security, ASP.NET, AuthorizationServer, Conferences & Training, IdentityModel, IdentityServer, OAuth, OpenID Connect, WCF, WebAPI | Leave a comment

Announcing MembershipReboot

Originally posted on brockallen:
It’s sort of silly that I’m doing an announcement now since MembershipReboot is at version 2.1 (my first release was in January, 2013), but since I never made a formal post on it, this will have…

Posted in Uncategorized | Leave a comment

Building a federated authentication client with OpenID Connect

Originally posted on brockallen:
Dominick and I have been working hard at implementing OpenID Connect in Thinktecture IdentityServer. Dominick has recently completed the authorization server and user profile endpoint bits. We also just recently completed a sample for a basic…

Posted in Uncategorized | Leave a comment

IdentityServer: Progress on OpenID Connect support

We just checked in configuration support for OpenID Connect – this includes two things: enable/disable the whole protocol support (it is disabled by default) support for defining OpenID Connect clients in the admin UI What’s missing? We are still working … Continue reading

Posted in IdentityServer, OAuth, OpenID Connect | Leave a comment

The future of OAuth2 and OpenID Connect in IdentityServer

We are very close to an implementation of the OpenID Connect “Basic Client Profile”. This is the “OAuth2 sign-in” feature in IdentityServer that most people want – just done right. In addition we have AuthorizationServer which features a full implementation … Continue reading

Posted in AuthorizationServer, IdentityServer, OAuth, WebAPI | 2 Comments

New IdentityServer Feature: Set token type per Relying Party

…as opposed to globally.

Posted in IdentityServer | Leave a comment

IdentityServer: Overview of OpenID Connect Basic Client Profile

Posted in IdentityModel, IdentityServer, OAuth, WebAPI | Leave a comment

Troubleshooting IdentityServer

I often get questions similar to: “We are trying to do X – but we only see ‘Sorry, an error occurred while processing your request.’ in the browser. What am I missing” Well – that means an error has occurred..and … Continue reading

Posted in IdentityServer | Leave a comment

IdentityServer: Preview of the OpenID Connect Basic Client Profile

The mid term plan is that OpenID Connect will replace the plain OAuth2 endpoints in IdentityServer. As a first step, I just checked in a preview of the OIDC basic client profile support (see this doc). The preview consists of … Continue reading

Posted in ASP.NET, IdentityServer, WebAPI | 4 Comments

IdentityServer: Using WS-Federation with JWT Tokens (and symmetric Signatures)

In this post I described how to use IdentityServer to do WS-Federation with JWT tokens. In that post I used the default IdSrv signing certificate to sign the outgoing JWT tokens. There are scenarios where you don’t have certificates but … Continue reading

Posted in ASP.NET, IdentityServer, WebAPI | 7 Comments