Author Archives: Dominick Baier

Updated Templates for IdentityServer4

We finally found the time to put more work into our templates. dotnet new is4empty Creates a minimal IdentityServer4 project without a UI. dotnet new is4ui Adds the quickstart UI to the current project (can be e.g added on top … Continue reading

Posted in ASP.NET Core, IdentityServer, OAuth, OpenID Connect, WebAPI | 8 Comments

Missing Claims in the ASP.NET Core 2 OpenID Connect Handler?

The new OpenID Connect handler in ASP.NET Core 2 has a different (aka breaking) behavior when it comes to mapping claims from an OIDC provider to the resulting ClaimsPrincipal. This is especially confusing and hard to diagnose since there are … Continue reading

Posted in ASP.NET Core, IdentityServer, OpenID Connect, WebAPI | 2 Comments

End of IdentityServer3 Maintenance

Yesterday we made the decision to stop development and maintenance of IdentityServer3. This has a couple of reasons: IdentityServer4 is the better OpenID Connect and OAuth 2 implementation in every aspect ASP.NET Core 2 is now a mature platform There … Continue reading

Posted in IdentityServer, Uncategorized | 8 Comments

Using iOS11 SFAuthenticationSession with IdentityModel.OidcClient

Starting with iOS 11, there’s a special system service for browser-based authentication called SFAuthenticationSession. This is the recommended approach for OpenID Connect and OAuth 2 native iOS clients (see RFC8252). If you are using our OidcClient library – this is … Continue reading

Posted in .NET Security, IdentityModel, OAuth, OpenID Connect, Uncategorized, WebAPI | Leave a comment

Templates for IdentityServer4 v2

I finally found the time to update the templates for IdentityServer4 to version 2. You can find the source code and instructions here. To be honest, I didn’t have time to research more advanced features like post-actions (wanted to do … Continue reading

Posted in IdentityServer, OAuth, OpenID Connect, Uncategorized, WebAPI | Leave a comment

SAML2p Identity Provider Support for IdentityServer4

One very common feature request is support for acting as a SAML2p identity provider. This is not a trivial task, but our friends at Rock Solid Knowledge were working hard, and now published a beta version. Give it a try! … Continue reading

Posted in .NET Security, IdentityServer, OpenID Connect, WebAPI | Leave a comment

New in IdentityServer4 v2: Simplified Configuration behind Load-balancers or Reverse-Proxies

Many people struggle with setting up ASP.NET Core behind load-balancers and reverse-proxies. This is due to the fact that Kestrel is often used just for serving up the application, whereas the “real HTTP traffic” is happening one hop earlier. IOW … Continue reading

Posted in ASP.NET Core, IdentityServer, Uncategorized, WebAPI | 12 Comments