Platforms where you can run IdentityServer4

There is some confusion about where, and on which platform/OS you can run IdentityServer4 – or more generally speaking: ASP.NET Core.

IdentityServer4 is ASP.NET Core middleware – and ASP.NET Core (despite its name) runs on the full .NET Framework 4.5.x and upwards or .NET Core.

If you are using the full .NET Framework you are tied to Windows – but have the advantage of using a platform that you (and your devs, customers, support staff etc) already know well. It is just a .NET based web app at this point.

If you are using .NET Core, you get the benefits of the new stack including side-by-side versioning and cross-platform. But there is a learning curve involved getting to know .NET Core and its tooling.

This entry was posted in .NET Security, ASP.NET, IdentityServer, OpenID Connect, WebAPI. Bookmark the permalink.

37 Responses to Platforms where you can run IdentityServer4

  1. regen says:

    So IdentityServer can be compiled with .NET Core?

    If so, how? Changing the framework in project.json is not working.

  2. cemana says:

    Scenario: Backend with Web API 2.0. Users with roles, groups and privileges. IdentityServer4 would be better with Identification Service (Database or LDAP) separated of these features (Database) or, everything in a database?
    IdentityServer with LDAP or mongoDB?

  3. Ben says:

    Is there any tutorial how to setup identityserver 4 with .NET Framework 4.5.x? or is it the same like with identityserver 3?

  4. Riza says:

    Any example on IdentityServer4 using .NET Framework 4.5.2 in ASP.NET MVC 5 classic? I try it, but some methods missing/not found, e.g. UseIdentityServer(). I look at the source code, and the difference is because IAppBuilder in MVC 5 with IApplicationBuilder in .NET Core.

  5. Riza says:

    Thanks. Will try again.

  6. Tom says:

    I’m planning my second Asp.NET Core & Angular application and the new one must support Facebook, Twitter, and similar social authentication providers (as well as ordinary membership/registration). I went through building Asp.NET CORE with Identity template and added the supplied middleware for Facebook and Twitter as per ‘cookbook’ instructions and was pleased. At this point, the out-of-the-box functionality looks pretty decent.

    In a third (or later) app there could be requirement for a single member to link multiple social accounts from one single social provider … but that’s for later and this is now.

    So my team is focused on delivering the business capabilities and I can see that going deep into customizing authentication & authorization code could risk the entire project overall: it’s very important but it’s not the product we’re slated to deliver. Due to my limitations I don’t easily see advantages we would have to bite off additional learning curve for IdentityServer4 vs. relying on the out-of-box Asp.Net CORE Identity’s support for social log-ins.

    Would appreciate if you comment to clue someone who is new to Asp.Net CORE world in on (a) advantages to start immediately with IdentityServer4, (b) extent of learning curve to this technology, and/or (c) whether there is a path to migrate user data from ordinary Asp.Net CORE Identity into IdentityServer4 if adopted at a later date?

    Thank you.

    • IdentityServer starts to make sense once you have more than one (or planning more than one) application that wants to share authentication services and have features like SSO.

      • Tom says:

        Thank you so much for helping remove the blinders from my eyes.

        I noted that mobile applications are mentioned in the docs and I gather it would be readily possible for a native mobile appliccation to follow specs and successfully use IdentityServer4 services. Is extrenal (social) log-in be supported in such a scenario and is there a reference implementation I overlooked?

        -Thank you again.

  7. Check out our IdentityServer4 samples repo – as well as the OidcClient samples in our IdentityModel repo.

  8. Tom says:

    Grateful for your work and reply back. Will do.

  9. Ranjith says:

    am also facing this issue , my sso proxy application developed by identityserver 4 with core, my few client applications are developed by core it’s working fine, i try to include framework 4.5.2 developed client it throws error “Sorry, there was an error : invalid_request”

    My client Code is app.UseCookieAuthentication(new CookieAuthenticationOptions
    AuthenticationType = “Cookies”,


    app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions

    AuthenticationType = “oidc”,
    SignInAsAuthenticationType = “Cookies”,
    Authority = “http://localhost:4000”, //ID Server SSO Server
    ClientId = “Reportaldev”,
    ClientSecret = “secret”,
    ResponseType = “code id_token”,
    RedirectUri = “http://localhost:4002/signin-oidc”, //URL of Client website
    Scope = “apiportal”,
    AuthenticationMode= Microsoft.Owin.Security.AuthenticationMode.Active ,


  10. Madjid Aoudia says:

    I am trying to use IdentityServer4 on .Net Framework 4.6.2. And ASP.NET Core 1.x (I know it is obsolete but I have to use it because of my compiler level which I can’t change)
    It works great except I can’t find which packages I should use for logging. The Serilog versions documented target .Net Core only.


  11. Matías Culasso Paulin says:

    Hello, It is possible to use Identity Server 4 – 2.x with .Net Framework 4.6.1? Thanks

  12. Sivasekar E says:

    Hi Dominick,

    Hope you’re doing good. I have been trying to implement IdentityServer 4.2.x on dotnet framework 4.6.2 as target framework. I couldn’t get it working like I did in core 2.0. I have done lot of googling, but still couldn’t figure out the working version of Identityserver 4.2.x on dotnet 4.6.2. Is it possible to share any working version on the same. Below is what I’m trying.

    -> Create a empty ASp.Net Web application project that targets dotnet framework 4.6.2
    -> Add Owin Startup and Configure relevant services
    -> Couldn’t find any extention for app.UseIdentityServer().

    Appreciate your support.


  13. Sivasekar E says:

    Thanks Dominick. I tried changing the target framework, but build fails with the below error. Package Microsoft.AspNetCore.All 2.0.0 is not compatible with net462 (.NETFramework,Version=v4.6.2). Because of which app fails to start, since the startup.cs would be called from Program.cs.

  14. That’s true. Use the .App package instead of .All. Check the MS docs for that.

  15. Sivasekar E says:

    Much appreciate your support Dominick. Though it doesn’t work with .All or .App, I managed to make it crack it by installing ONLY the relevant nugets for hosting. :)

  16. Sivasekar E says:

    Hi Dominick, While retrieving access token (JWT) from server, I’m getting below exception. By any chance you have idea on the same.
    OAuthProblemException{error=’unsupported_response_type’, description=’Invalid response! Response body is not application/json encoded’, uri=’null’, state=’null’, scope=’null’, redirectUri=’null’, responseStatus=0, parameters={}}]
    Appreciate your support.

  17. Alexander says:

    Hi, we are using Identity Server 3 for our set of microservices comprised of APIs which are NOT Asp.Net Core (but using Global.asax). We would like to add new core based microservices that would use Identity Server 4. Is it possible to replace IS3 with IS4 and have our old APIs to work along with new APIs using IS4? Thanks!

  18. acarlon says:

    Hi. I came here from, I am stuck in the same way – I can add IdentityServer4 nuget package OK, but there is no extension method for IAppBuilder.UseIdentityServer.
    Is this possible? Is it just a matter of adding the Configure() and ConfigureServices() methods to the existing application? I.e. run owin pipeline and .net core middleware?

  19. jeff says:

    I have inherited an identity server 3 implementation. My clients are a mixed bag of .net framework 3.5 and 4.5. They are all applications but are not currently integrated with any version of identity server. Since the recommendation is to use Identity server 4, is it possible to use identity server 3 libraries from my clients to communicate with with identity server 4? What do you recommend that I do for my scenario?

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s