Yesterday we made the decision to stop development and maintenance of IdentityServer3. This has a couple of reasons:
- IdentityServer4 is the better OpenID Connect and OAuth 2 implementation in every aspect
- ASP.NET Core 2 is now a mature platform
- There is only that much time you can spend on OSS development and issue tracker support, so we decided to focus on current projects which are IdentityServer4, IdentityModel2 and oidc-client.js
Security vulnerabilities will be fixed ASAP of course. Please disclose them responsibly.
PS. If you are a customer or have an existing support contract, we will of course continue supporting you. If you want to start a new support contract for your IdentityServer3 deployment, please let us know.