Tag Archives: IdentityServer

Implement client assertions for OAuth client credential flows in ASP.NET Core

April 21, 2025 · by · in .NET, .NET Core, ASP.NET Core, OAuth2, Security · 3 Comments

This blog implements client assertions using an OAuth client credential flow in ASP.NET Core. Client assertions provide a secure way for client authentication without sharing a secret, enhancing the security the OAuth client credentials flow. By using JSON Web Tokens (JWTs) client assertions, this approach ensures strong client identity (application) verification and mitigates risks associated […]

Extending Identity in IdentityServer4 to manage users in ASP.NET Core

November 18, 2016 · by · in .NET, angular, ASP.NET Core, ASPNET5, dotnet, MVC, OAuth2, Security, Typescript, Web · 21 Comments

This article shows how Identity can be extended and used together with IdentityServer4 to implement application specific requirements. The application allows users to register and can access the application for 7 days. After this, the user cannot log in. Any admin can activate or deactivate a user using a custom user management API. Extra properties […]

Angular secure file download without using an access token in URL or cookies

April 2, 2016 · by · in .NET, angular, AngularJS, ASP.NET Core, ASPNET5, MVC, TopHeaderMenu, Web · 9 Comments

This article shows how an Angular SPA client can download files using an access token without passing it to the resource server in the URL. The access token is only used in the HTTP Header. If the access token is sent in the URL, this will be saved in server logs, routing logs, browser history, […]

Angular OpenID Connect Implicit Flow with IdentityServer4

March 2, 2016 · by · in .NET, angular, AngularJS, ASP.NET Core, ASPNET5, javascript, MVC, OAuth2, Security, TopHeaderMenu, Typescript, Web · 141 Comments

This article shows how to implement an OpenID Connect Implicit Flow client in Angular. The Angular client is implemented in Typescript and uses IdentityServer4 and an ASP.NET core 2.0 resource server. The OpenID Connect specification for Implicit Flow can be found here. Code: https://github.com/damienbod/AspNet5IdentityServerAngularImplicitFlow History: 2019-09-20: Updated ASP.NET Core 3.0, Angular 8.2.6 2018-12-05: Updated to […]

AngularJS OpenID Connect Implicit Flow with IdentityServer4

February 26, 2016 · by · in .NET, AngularJS, ASP.NET Core, MVC, OAuth2, Security, TopHeaderMenu, Web · 18 Comments

This article shows how to implement the OpenID Connect Implicit Flow using Angular. This previous blog implemented the OAuth2 Implicit Flow which is not an authentication protocol. The OpenID Connect specification for Implicit Flow can be found here. Code: VS2017 msbuild | VS2015 project.json History: 2017.03.18: Updated to angular 2.4.10, oidc client validation Full history: […]

OAuth2 Implicit Flow with AngularJS and ASP.NET Core 2.0 IdentityServer4

November 8, 2015 · by · in AngularJS, ASP.NET Core, ASPNET5, Entity Framework, MVC, OAuth2, Security, SQLite, TopHeaderMenu, Web · 45 Comments

This article shows how to implement the OAuth2 Implicit Flow with an AngularJS client and IdentityServer4 hosted in ASP.NET Core 1.1. The code was built using the IdentityServer4.Samples. Thanks to everyone who helped in creating IdentityServer. Code: https://github.com/damienbod/AspNet5IdentityServerAngularImplicitFlow History: 2017-08-15: Updated ASP.NET Core 2.0, Angular 4.3.6 Full history: https://github.com/damienbod/AspNet5IdentityServerAngularImplicitFlow#history Other posts in this series: OAuth2 […]