Category OAuth2
IdentityServer4 Localization using ui_locales and the query string
This post is part 2 from the previous post IdentityServer4 Localization with the OIDC Implicit Flow where the localization was implemented using a shared cookie between the applications. This has its restrictions, due to the cookie domain constraints and this post shows how the oidc optional parameter ui_locales can be used instead, to pass the […]
Securing an Angular SignalR client using JWT tokens with ASP.NET Core and Duende IdentityServer
This post shows how an Angular SignalR client can send secure messages using JWT bearer tokens with an API and an STS server. The STS server is implemented using Duende IdentityServer and the API is implemented using ASP.NET Core. Code: https://github.com/damienbod/AspNetCoreAngularSignalRSecurity Posts in this series History 2023-01-08 Updated Angular 15, .NET 72021-01-25 Updated Angular 11.1.0 […]
Auto redirect to an STS server in an Angular app using oidc Implicit Flow
This article shows how to implement an auto redirect in an Angular application, if using the OIDC Implicit Flow with an STS server. When a user opens the application, it is sometimes required that the user is automatically redirected to the login page on the STS server. This can be tricky to implement, as you […]
SignalR Group messages with ngrx and Angular
This article shows how SignalR can be used to send grouped messages to an Angular SignalR client, which uses ngrx to handle the SignalR events in the Angular client. Code: https://github.com/damienbod/AspNetCoreAngularSignalRSecurity Posts in this series History 2023-01-08 Updated Angular 15, .NET 72021-01-25 Updated Angular 11.1.0 .NET 5, ngrx implementation2020-03-21 updated packages, fixed Admin UI STS2019-08-18 […]
Implementing Two-factor authentication with IdentityServer4 and Twilio
This article shows how to implement two factor authentication using Twilio and IdentityServer4 using Identity. On the Microsoft’s Two-factor authentication with SMS documentation, Twilio and ASPSMS are promoted, but any SMS provider can be used. Code: https://github.com/damienbod/AspNetCoreID4External 2017-09-23 Updated to ASP.NET Core 2.0 Setting up Twilio Create an account and login to https://www.twilio.com/ Now create […]
Adding an external Microsoft login to IdentityServer4
This article shows how to implement a Microsoft Account as an external provider in an IdentityServer4 project using ASP.NET Core Identity with a SQLite database. Code https://github.com/damienbod/AspNetCoreID4External Updated: You can also login using OpenID Connect instead of using Microsoft Account. Updating Microsoft Account Logins in ASP.NET Core with OpenID Connect and Azure Active Directory 2019-05-17 […]
Implementing a silent token renew in Angular for the OpenID Connect Implicit flow
This article shows how to implement a silent token renew in Angular using IdentityServer4 as the security token service server. The SPA Angular client implements the OpenID Connect Implicit Flow ‘id_token token’. When the id_token expires, the client requests new tokens from the server, so that the user does not need to authorise again. Code: […]
ASP.NET Core IdentityServer4 Resource Owner Password Flow with custom UserRepository
This article shows how a custom user store or repository can be used in IdentityServer4. This can be used for an existing user management system which doesn’t use Identity or request user data from a custom source. The Resource Owner Flow using refresh tokens is used to access the protected data on the resource server. […]
Implementing OpenID Code Flow with PKCE using OpenIddict and Angular
This article shows how to implement the OpenID Connect Code Flow with PKCE using OpenIddict hosted in an ASP.NET Core application, an ASP.NET Core Web API and an Angular application as the client. Code: https://github.com/damienbod/AspNetCoreOpeniddict 2021-12-24 Updated to ASP.NET Core 6, Angular 13 2020-12-26 Updated to ASP.NET Core 5, Angular 11, OpenIddict 3 2017-05-27 Updated […]
Software Engineering 