It’s been 424 commits since we released Preview 1 – so there is quite a lot of new stuff, but the big features are:
- A completely revamped configuration system that allows replacing bits and pieces of the core server itself – including a DI system
- A plugin infrastructure that allows adding new endpoints (WS-Federation support is a plugin e.g.)
- Refresh tokens
- Infrastructure that allows customizing views and UI assets for re-branding as well as extensibility to insert your own workflows like registration or EULAs
- Support for CORS and HTTP strict transport security
- Content Security Policy (CSP) & stricter caching rules
- Protection against click-jacking
- Control over cookies (lifetime, naming etc)
- more extensibility points
We also split up the solution into separate repos and nugets for better composability:
- EntityFramework persistence layer
- MembershipReboot support
- ASP.NET Identity support
With that I am now leaving for holidays! ;) Give IdentityServer a try and give us feedback. A big thanks to all contributors and the people that engaged with us over the various channels!!!
Have a nice summer!