Platforms where you can run IdentityServer4

There is some confusion about where, and on which platform/OS you can run IdentityServer4 – or more generally speaking: ASP.NET Core.

IdentityServer4 is ASP.NET Core middleware – and ASP.NET Core (despite its name) runs on the full .NET Framework 4.5.x and upwards or .NET Core.

If you are using the full .NET Framework you are tied to Windows – but have the advantage of using a platform that you (and your devs, customers, support staff etc) already know well. It is just a .NET based web app at this point.

If you are using .NET Core, you get the benefits of the new stack including side-by-side versioning and cross-platform. But there is a learning curve involved getting to know .NET Core and its tooling.

This entry was posted in .NET Security, ASP.NET, IdentityServer, OpenID Connect, WebAPI. Bookmark the permalink.

23 Responses to Platforms where you can run IdentityServer4

  1. regen says:

    So IdentityServer can be compiled with .NET Core?

    If so, how? Changing the framework in project.json is not working.

  2. cemana says:

    Scenario: Backend with Web API 2.0. Users with roles, groups and privileges. IdentityServer4 would be better with Identification Service (Database or LDAP) separated of these features (Database) or, everything in a database?
    IdentityServer with LDAP or mongoDB?

  3. Ben says:

    Is there any tutorial how to setup identityserver 4 with .NET Framework 4.5.x? or is it the same like with identityserver 3?

  4. Riza says:

    Any example on IdentityServer4 using .NET Framework 4.5.2 in ASP.NET MVC 5 classic? I try it, but some methods missing/not found, e.g. UseIdentityServer(). I look at the source code, and the difference is because IAppBuilder in MVC 5 with IApplicationBuilder in .NET Core.

  5. Riza says:

    Thanks. Will try again.

  6. Tom says:

    I’m planning my second Asp.NET Core & Angular application and the new one must support Facebook, Twitter, and similar social authentication providers (as well as ordinary membership/registration). I went through building Asp.NET CORE with Identity template and added the supplied middleware for Facebook and Twitter as per ‘cookbook’ instructions and was pleased. At this point, the out-of-the-box functionality looks pretty decent.

    In a third (or later) app there could be requirement for a single member to link multiple social accounts from one single social provider … but that’s for later and this is now.

    So my team is focused on delivering the business capabilities and I can see that going deep into customizing authentication & authorization code could risk the entire project overall: it’s very important but it’s not the product we’re slated to deliver. Due to my limitations I don’t easily see advantages we would have to bite off additional learning curve for IdentityServer4 vs. relying on the out-of-box Asp.Net CORE Identity’s support for social log-ins.

    Would appreciate if you comment to clue someone who is new to Asp.Net CORE world in on (a) advantages to start immediately with IdentityServer4, (b) extent of learning curve to this technology, and/or (c) whether there is a path to migrate user data from ordinary Asp.Net CORE Identity into IdentityServer4 if adopted at a later date?

    Thank you.

    • IdentityServer starts to make sense once you have more than one (or planning more than one) application that wants to share authentication services and have features like SSO.

      • Tom says:

        Thank you so much for helping remove the blinders from my eyes.

        I noted that mobile applications are mentioned in the docs and I gather it would be readily possible for a native mobile appliccation to follow specs and successfully use IdentityServer4 services. Is extrenal (social) log-in be supported in such a scenario and is there a reference implementation I overlooked?

        -Thank you again.

  7. Check out our IdentityServer4 samples repo – as well as the OidcClient samples in our IdentityModel repo.

  8. Tom says:

    Grateful for your work and reply back. Will do.

  9. Ranjith says:

    am also facing this issue , my sso proxy application developed by identityserver 4 with core, my few client applications are developed by core it’s working fine, i try to include framework 4.5.2 developed client it throws error “Sorry, there was an error : invalid_request”

    My client Code is app.UseCookieAuthentication(new CookieAuthenticationOptions
    AuthenticationType = “Cookies”,


    app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions

    AuthenticationType = “oidc”,
    SignInAsAuthenticationType = “Cookies”,
    Authority = “http://localhost:4000”, //ID Server SSO Server
    ClientId = “Reportaldev”,
    ClientSecret = “secret”,
    ResponseType = “code id_token”,
    RedirectUri = “http://localhost:4002/signin-oidc”, //URL of Client website
    Scope = “apiportal”,
    AuthenticationMode= Microsoft.Owin.Security.AuthenticationMode.Active ,


  10. Madjid Aoudia says:

    I am trying to use IdentityServer4 on .Net Framework 4.6.2. And ASP.NET Core 1.x (I know it is obsolete but I have to use it because of my compiler level which I can’t change)
    It works great except I can’t find which packages I should use for logging. The Serilog versions documented target .Net Core only.


  11. Matías Culasso Paulin says:

    Hello, It is possible to use Identity Server 4 – 2.x with .Net Framework 4.6.1? Thanks

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s