Stack Overflow
Stack Overflow

Questions tagged [identityserver4]

OpenID Connect Provider and OAuth 2.0 Authorization Server Framework based on ASP.NET Core

IdentityServer4 is an OpenID Connect Provider and OAuth 2.0 Authorization Server Framework built on ASP.NET Core.

Allows for the implementation of single sign-on and access control for modern web applications and APIs using protocols such as OpenID Connect and OAuth2. It supports a wide range of clients like mobile, web, SPAs and desktop applications and is extensible to allow integration in new and existing architectures.

IdentityServer4 is officially certified by the OpenID Foundation and thus spec-compliant and interoperable. It is part of the .NET Foundation, and operates under their code of conduct. It is licensed under Apache 2 (an OSI approved license).

For the .NET 4.x, katana based version see Identity Server 3

5377 questions
20
votes
1 answer

Authentication with oidc-client.js and Identityserver4 in a React frontend

Lately I'm trying to set-up authentication using IdentityServer4 with a React client. I followed the Adding a JavaScript client tutorial (partly) of the IdentityServer documentation:…
Nicolas
  • 2,277
  • 5
  • 36
  • 82
20
votes
3 answers

.Net Core behind NGINX returns 502 Bad Gateway after authentication by IdentityServer4

Having two applications auth and store and authenticating using IdentityServer4 and both are behind NGINX. The store application successfully authenticates but after coming back from the auth application we get 502 Bad Gateway from NGINX. Any idea…
Babak
  • 3,716
  • 6
  • 39
  • 56
20
votes
1 answer

IdentityServer 4, OpenIdConnect redirect to external sign-in url

I am trying to build multiple small ASP.Net core Mvc services that connect to a Identity server built using IdentityServer4. I have setup the OpenIdOption on the MVC services that looks like this app.UseCookieAuthentication(new…
Kiran
  • 2,997
  • 6
  • 31
  • 62
20
votes
2 answers

IdentityServer4: Add Custom default Claim to Client Principal for Client_Credential Granttype

I am using IdentityServer4 and I am trying to add a custom default claim to my CLIENT when the token is created. This is possible if i use the implicit flow and IProfileService like shown below. public class MyProfileService : IProfileService { …
flexxxit
  • 2,440
  • 5
  • 42
  • 69
20
votes
1 answer

How to create an identity server for users without consent page?

We have an internal application for internal users which I need to protect using OAuth2/OIDC and thinking of using IdentityServer4. The end users will not be authorizing any applications so there shouldn't be any consent page. I couldn't find any…
dstr
  • 8,362
  • 12
  • 66
  • 106
19
votes
6 answers

IdentityServer4 PostLogoutRedirectUri

I am confused about how this is used. Most examples I've seen have it given as "/signout-callback-oidc". That seems to indicate that it uses OIDC middleware in the process. What if I want to return to a specific client page? The automatic redirect…
JakeJ
  • 2,361
  • 5
  • 23
  • 35
19
votes
4 answers

Cannot sign out the OpenIdConnect authentication of identityserver4 on ASP.NET Core 2 application

My Identity Server is using identityserver4 framework (http://localhost:9000). And I register the client on Identity Server as below. clients.Add( new Client { ClientId = "customer.api", ClientName = "Customer services", …
Kevin Hoang
  • 922
  • 1
  • 10
  • 25
19
votes
3 answers

Identity Server(OAuth2) implementation with integration to legacy systems(Forms Auth, ADFS,AD)

We are currently building a RESTful API(.Net Core, IdentityServer 4, EF6). We have released an MVP version of it. It also references a WCF service. This WCF service orchestrates all other calls to other internal (Legacy systems) and other…
tinonetic
  • 7,751
  • 11
  • 54
  • 79
19
votes
4 answers

How to implement Windows Authentication with IdentityServer 4

How to correctly implement Windows Authentication with Identity Server 4? Are there any samples to do that? I looked at the source code of IdentityServer 4, and in the Host project in the AccountController, I noticed that there is Windows…
The Tech Geek
  • 575
  • 1
  • 5
  • 16
18
votes
3 answers

What are User Claims in IdentityServer4 API Resources vs. API Scopes

I've configured an instance of IdentityServer4 and have successfully configured it as a client for an OIDC provider. I'm now trying to set it up as the OIDC provider for my application. I've followed through the quickstarts and read the…
alastairs
  • 6,697
  • 8
  • 50
  • 64
18
votes
2 answers

IdentityServer4 Access Token Lifetime

I am using IdentityServer4, and its configuration is in the database. There is a silent renewal on the client (oidc). I have set the following lifetime settings for the client: AbsoluteRefreshTokenLifetime = 60 * 30,//30 mins AccessTokenLifetime =…
The Eagle
  • 427
  • 1
  • 4
  • 13
18
votes
1 answer

Identity server 4 with SAML 2.0 as external identity provider for SSO

I am using identity server 4 for authentication to my ASP.Net Core solution. And it is working well with Facebook, Google and other external identity provider. And now I am trying to add SAML 2.0 authentication to the identity server using…
Jay
  • 183
  • 1
  • 1
  • 6
18
votes
1 answer

Identity Server 4 error "keyset is missing"

After I config EntityFramework the code not working, I just did like the doc int this page identity server 4 official doc Just like the doc say at the last of page "You should now be able to run any of the existing client applications and sign-in,…
RocketRobin
  • 221
  • 2
  • 5
18
votes
4 answers

Clock skew and tokens

I need help to understand how clock skew works. We define clock skew to deal with time variation between two parties. But, my confusion is: we have all information such as token created time and expiration time in the token itself tokens can be…
newbeedeveloper
  • 759
  • 2
  • 6
  • 10
18
votes
3 answers

IdentityServer4 + Asp.Net Core Identity - Map Identity to application database user

I am trying to implement an IdentityServer4 with Asp.Net Core Identity. I want to use IdentityServer4 as centralized authentication/authorization point for APIs using always the same identity. So the idea is to store the Asp.Net Core Identity stuff…
Jazjef
  • 461
  • 3
  • 10
1 2 3
99 100