Category Archives: Uncategorized

Financial APIs and IdentityServer

Right now there is quite some movement in the financial sector towards APIs and “collaboration” scenarios. The OpenID Foundation started a dedicated working group on securing Financial APIs (FAPIs) and the upcoming Revised Payment Service EU Directive (PSD2 – official … Continue reading

Posted in .NET Security, ASP.NET Core, IdentityServer, OAuth, OpenID Connect, Uncategorized, WebAPI | Leave a comment

IdentityServer & Heidelberg on Channel9

Seth and the Channel9 crew visited me in my office in Heidelberg to learn about IdentityServer and German culture. We had a nice day in Heidelberg involving identity, a whiteboard, code, beers & bratwurst ;) enjoy. Part 1 (interview and … Continue reading

Posted in .NET Security, ASP.NET Core, IdentityServer, OAuth, OpenID Connect, Uncategorized | Leave a comment

New in IdentityServer4: Events

Well – not really new – but redesigned. IdentityServer4 has two diagnostics facilities – logging and events. While logging is more like low level “printf” style – events represent higher level information about certain logical operations in IdentityServer (think Windows security … Continue reading

Posted in ASP.NET Core, IdentityServer, OAuth, OpenID Connect, Uncategorized, WebAPI | 3 Comments

OpenID Connect Client Library for JavaScript/SPA-style Applications

In addition to our native library – Brock successfully certified his JavaScript library with the OpenID Foundation. oidc-client-js is by far the most easy and elegant way I have seen so far for integrating OpenID Connect and OAuth 2 client … Continue reading

Posted in IdentityModel, OAuth, OpenID Connect, Uncategorized | 5 Comments

New in IdentityServer4: Resource-based Configuration

For RC4 we decided to re-design our configuration object model for resources (formerly known as scopes). I know, I know – we are not supposed to make fundamental breaking changes once reaching the RC status – but hey – we … Continue reading

Posted in .NET Security, ASP.NET, OAuth, Uncategorized, WebAPI | 37 Comments

Trying IdentityServer

We have a demo instance of IdentityServer3 on https://demo.identityserver.io. I already used this for various samples (e.g. the OpenID Connect native clients) – and it makes it easy to try IdentityServer with your clients without having to deploy and configure … Continue reading

Posted in ASP.NET, IdentityServer, OpenID Connect, OWIN, Uncategorized, WebAPI | 2 Comments

Identity Videos, Podcasts and Slides from Conference Season 2016/1

My plan was to cut down on conferences and travelling in general – this didn’t work out ;) I did more conferences in the first 6 months of 2016 than I did in total last year. weird. Here are some … Continue reading

Posted in .NET Security, ASP.NET, Conferences & Training, IdentityModel, IdentityServer, OAuth, OpenID Connect, Uncategorized, WebAPI | Leave a comment