Category Archives: IdentityModel

Releasing IdentityModel v4

IdentityModel has been growing organically over the last years, and we felt it is necessary to do some fundamental cleanup. At the same time it is used by a lot of people and companies (currently around 20 million downloads on … Continue reading

Posted in IdentityModel, Uncategorized | Leave a comment

Another Take on Access Token Management in ASP.NET Core (…and announcing IdentityModel.AspNetCore)

I spent a lot of time on the client side recently – as part of our PolicyServer client libraries work, customer work, our updated guidance for our workshops as well as the various talks Brock and I gave on building … Continue reading

Posted in ASP.NET Core, IdentityModel, OAuth, OpenID Connect, Uncategorized | Leave a comment

What happened in 2018?

2018 has been really busy. We worked on a lot of different things, and I just realized that I only wrote eight blog posts in total. I decided to block December to catch up on many work and non-work related … Continue reading

Posted in .NET Security, ASP.NET Core, IdentityModel, IdentityServer, PolicyServer, Uncategorized | Leave a comment

Making the IdentityModel Client Libraries HttpClientFactory friendly

IdentityModel has a number of protocol client libraries, e.g. for requesting, refreshing, revoking and introspecting OAuth 2 tokens as well as a client and cache for the OpenID Connect discovery endpoint. While they work fine, the style around libraries that … Continue reading

Posted in ASP.NET Core, IdentityModel, Uncategorized, WebAPI | 6 Comments

The State of HttpClient and .NET Multi-Targeting

IdentityModel is a library that uses HttpClient internally – it should also run on all recent versions of the .NET Framework and .NET Core. HttpClient is sometimes “built-in”, e.g. in the .NET Framework, and sometimes not, e.g. in .NET Core … Continue reading

Posted in IdentityModel, Uncategorized, WebAPI | 1 Comment

Using iOS11 SFAuthenticationSession with IdentityModel.OidcClient

Starting with iOS 11, there’s a special system service for browser-based authentication called SFAuthenticationSession. This is the recommended approach for OpenID Connect and OAuth 2 native iOS clients (see RFC8252). If you are using our OidcClient library – this is … Continue reading

Posted in .NET Security, IdentityModel, OAuth, OpenID Connect, Uncategorized, WebAPI | Leave a comment

NDC London 2017

As always – NDC was a very good conference. Brock and I did a workshop, two talks and an interview. Here are the relevant links: Building JavaScript and mobile/native Clients for Token-based Architectures IdentityServer4: New & Improved for ASP.NET Core … Continue reading

Posted in .NET Security, ASP.NET, IdentityModel, IdentityServer, OAuth, OpenID Connect, WebAPI | 3 Comments