Monthly Archives: October 2017

Using iOS11 SFAuthenticationSession with IdentityModel.OidcClient

Starting with iOS 11, there’s a special system service for browser-based authentication called SFAuthenticationSession. This is the recommended approach for OpenID Connect and OAuth 2 native iOS clients (see RFC8252). If you are using our OidcClient library – this is … Continue reading

Posted in .NET Security, IdentityModel, OAuth, OpenID Connect, Uncategorized, WebAPI | Leave a comment

Templates for IdentityServer4 v2

I finally found the time to update the templates for IdentityServer4 to version 2. You can find the source code and instructions here. To be honest, I didn’t have time to research more advanced features like post-actions (wanted to do … Continue reading

Posted in IdentityServer, OAuth, OpenID Connect, Uncategorized, WebAPI | Leave a comment

SAML2p Identity Provider Support for IdentityServer4

One very common feature request is support for acting as a SAML2p identity provider. This is not a trivial task, but our friends at Rock Solid Knowledge were working hard, and now published a beta version. Give it a try! … Continue reading

Posted in .NET Security, IdentityServer, OpenID Connect, WebAPI | Leave a comment

New in IdentityServer4 v2: Simplified Configuration behind Load-balancers or Reverse-Proxies

Many people struggle with setting up ASP.NET Core behind load-balancers and reverse-proxies. This is due to the fact that Kestrel is often used just for serving up the application, whereas the “real HTTP traffic” is happening one hop earlier. IOW … Continue reading

Posted in ASP.NET Core, IdentityServer, Uncategorized, WebAPI | 12 Comments

IdentityServer4 v2

Wow – this was probably our biggest update ever! Version 2.0 of IdentityServer4 is not only incorporating all the feedback we got over the last year, it also includes the necessary updates for ASP.NET Core 2 – and also has … Continue reading

Posted in .NET Security, ASP.NET Core, IdentityServer, OpenID Connect, WebAPI | 4 Comments