Category Archives: Uncategorized

2020: IdentityServer4 Roadmap

It’s the time of the year – we are working on IdentityServer and lock down the features we want to implement for the next version(s). Initially we planned to make our 3.0 release the big one – but then .NET … Continue reading

Posted in IdentityServer, Uncategorized | Leave a comment

New in IdentityServer4 v4: Multiple signing Keys

So far IdentityServer4 only supported a single signing key at a time. There are historic reasons for that. When we started with .NET Core, the only x-plat algorithm that really worked (without #ifdef hell) was RSA with SHA-256 (RS256) so … Continue reading

Posted in IdentityServer, Uncategorized | Leave a comment

IdentityServer3 and upcoming SameSite Cookie changes in Browsers

You have probably heard that starting with Chrome 80 in February, the behavior of cookies will change. This is a breaking change and effects every single web application on the internet. Microsoft has patched their supported platforms (ASP.NET, Katana 4 … Continue reading

Posted in IdentityServer, Uncategorized | 6 Comments

IdentityServer for ASP.NET Core 3

In short: is released (along with the introspection and access control validation handler). As part of the longer version, you might ask yourself how we can do that before ASP.NET Core 3 itself is released. Well – it’s a slightly complicated … Continue reading

Posted in ASP.NET Core, IdentityServer, Uncategorized | 4 Comments

Releasing IdentityModel v4

IdentityModel has been growing organically over the last years, and we felt it is necessary to do some fundamental cleanup. At the same time it is used by a lot of people and companies (currently around 20 million downloads on … Continue reading

Posted in IdentityModel, Uncategorized | Leave a comment

Claims-based Identity & Access Control for .NET, ASP.NET and WCF 4.5 now retired on PluralSight

Time flies! I just got notice from PluralSight that the above mentioned three courses are now retired and are not included in search results anymore. If you still care about this content – the direct links still work, and here … Continue reading

Posted in .NET Security, ASP.NET, Uncategorized, WCF | Leave a comment

End of IdentityServer3 free Support

Back in 2017 we announced the end of IdentityServer3 maintenance. This excluded security bug fixes. As of the 1st of July 2019 Microsoft officially ended support for Katana 3. This means that the platform we originally built-against is now unsupported … Continue reading

Posted in IdentityServer, Katana, Uncategorized | 1 Comment