Category Archives: ASP.NET Core

Making the IdentityModel Client Libraries HttpClientFactory friendly

IdentityModel has a number of protocol client libraries, e.g. for requesting, refreshing, revoking and introspecting OAuth 2 tokens as well as a client and cache for the OpenID Connect discovery endpoint. While they work fine, the style around libraries that … Continue reading

Posted in ASP.NET Core, IdentityModel, Uncategorized, WebAPI | 4 Comments

Mixing UI and API Endpoints in ASP.NET Core 2.1 (aka Dynamic Scheme Selection)

Some people like to co-locate UI and API endpoints in the same application. I generally prefer to keep them separate, but I acknowledge that certain architecture styles make this conscious decision. Server-side UIs typically use cookies for authentication (or a … Continue reading

Posted in ASP.NET Core, OpenID Connect, Uncategorized, WebAPI | 14 Comments

Improvements in Claim Mapping in the ASP.NET Core 2.1 OpenID Connect Handler

Here I described the various layers of claim mappings going on when doing OpenID Connect with ASP.NET Core. Based on our feedback, the ASP.NET team added another mapping option to reduce the amount of “magic” going on, and thus makes … Continue reading

Posted in ASP.NET Core, OpenID Connect, Uncategorized | 2 Comments

NDC London 2018 Artefacts

“IdentityServer v2 on ASP.NET Core v2: An update” video “Authorization is hard! (aka the PolicyServer announcement) video DotNetRocks interview audio  

Posted in ASP.NET Core, IdentityServer, PolicyServer, Uncategorized, WebAPI | Leave a comment

NDC London 2018: IdentityServer Update

We are at NDC in London right now and are about to start our session “IdentityServer4 v2 on ASP.NET Core v2 – an Update”. For those who can’t be here – you can find my slides on Speakerdeck. There will … Continue reading

Posted in .NET Security, ASP.NET Core, IdentityServer, Uncategorized | Leave a comment

Sponsoring IdentityServer

Brock and I have been working on free identity & access control related libraries since 2009. This all started as a hobby project, and I can very well remember the day when I said to Brock that we can only … Continue reading

Posted in .NET Security, ASP.NET Core, IdentityServer, OAuth, OpenID Connect, Uncategorized, WebAPI | 1 Comment

Updated Templates for IdentityServer4

We finally found the time to put more work into our templates. dotnet new is4empty Creates a minimal IdentityServer4 project without a UI. dotnet new is4ui Adds the quickstart UI to the current project (can be e.g added on top … Continue reading

Posted in ASP.NET Core, IdentityServer, OAuth, OpenID Connect, WebAPI | 8 Comments