Tag Archives: IdentityServer4
Supporting both Local and Windows Authentication in ASP.NET Core MVC using IdentityServer4
This article shows how to setup an ASP.NET Core MVC application to support both users who can login in with a local login account, solution specific, or use a windows authentication login. The identity created from the windows authentication could then be allowed to do different tasks, for example administration, or a user from the […]
Creating specific themes for OIDC clients using razor views with IdentityServer4
This post shows how to use specific themes in an ASPNET Core STS application using IdentityServer4. For each OpenId Connect (OIDC) client, a separate theme is used. The theme is implemented using Razor, based on the examples, code from Ben Foster. Thanks for these. The themes can then be customized as required. Code: https://github.com/damienbod/AspNetCoreIdentityServer4Persistence Setup […]
Using an EF Core database for the IdentityServer4 configuration data
This article shows how to implement a database store for the IdentityServer4 configurations for the Client, ApiResource and IdentityResource settings using Entity Framework Core and SQLite. This could be used, if you need to create clients, or resources dynamically for the STS, or if you need to deploy the STS to multiple instances, for example […]
Sending Direct Messages using SignalR with ASP.NET core and Angular
This article shows how SignalR could be used to send direct messages between different clients using ASP.NET Core to host the SignalR Hub and Angular to implement the clients. Code: https://github.com/damienbod/AspNetCoreAngularSignalRSecurity Posts in this series Getting started with SignalR using ASP.NET Core and Angular SignalR Group messages with ngrx and Angular Using EF Core and […]
IdentityServer4 Localization with the OIDC Implicit Flow
This post shows how to implement localization in IdentityServer4 when using the Implicit Flow with an Angular client. Code: https://github.com/damienbod/AspNet5IdentityServerAngularImplicitFlow The problem When the oidc implicit client calls the endpoint /connect/authorize to authenticate and authorize the client and the identity, the user is redirected to the AccountController login method using the IdentityServer4 package. If the […]
Securing an Angular SignalR client using JWT tokens with ASP.NET Core and IdentityServer4
This post shows how an Angular SignalR client can send secure messages using JWT bearer tokens with an API and an STS server. The STS server is implemented using IdentityServer4 and the API is implemented using ASP.NET Core. Code: https://github.com/damienbod/AspNetCoreAngularSignalRSecurity Posts in this series Getting started with SignalR using ASP.NET Core and Angular SignalR Group […]
Implementing Two-factor authentication with IdentityServer4 and Twilio
This article shows how to implement two factor authentication using Twilio and IdentityServer4 using Identity. On the Microsoft’s Two-factor authentication with SMS documentation, Twilio and ASPSMS are promoted, but any SMS provider can be used. Code: https://github.com/damienbod/AspNetCoreID4External 2017-09-23 Updated to ASP.NET Core 2.0 Setting up Twilio Create an account and login to https://www.twilio.com/ Now create […]
Adding an external Microsoft login to IdentityServer4
This article shows how to implement a Microsoft Account as an external provider in an IdentityServer4 project using ASP.NET Core Identity with a SQLite database. Code https://github.com/damienbod/AspNetCoreID4External Updated: You can also login using OpenID Connect instead of using Microsoft Account. Updating Microsoft Account Logins in ASP.NET Core with OpenID Connect and Azure Active Directory 2019-05-17 […]
OpenID Connect Session Management using an Angular application and IdentityServer4
The article shows how the OpenID Connect Session Management can be implemented in an Angular application. The OpenID Connect Session Management 1.0 provides a way of monitoring the user session on the server using iframes. IdentityServer4 implements the server side of the specification. This does not monitor the lifecycle of the tokens used in the […]
Implementing a silent token renew in Angular for the OpenID Connect Implicit flow
This article shows how to implement a silent token renew in Angular using IdentityServer4 as the security token service server. The SPA Angular client implements the OpenID Connect Implicit Flow ‘id_token token’. When the id_token expires, the client requests new tokens from the server, so that the user does not need to authorise again. Code: […]