Stack Overflow
Stack Overflow

Questions tagged [identityserver4]

OpenID Connect Provider and OAuth 2.0 Authorization Server Framework based on ASP.NET Core

IdentityServer4 is an OpenID Connect Provider and OAuth 2.0 Authorization Server Framework built on ASP.NET Core.

Allows for the implementation of single sign-on and access control for modern web applications and APIs using protocols such as OpenID Connect and OAuth2. It supports a wide range of clients like mobile, web, SPAs and desktop applications and is extensible to allow integration in new and existing architectures.

IdentityServer4 is officially certified by the OpenID Foundation and thus spec-compliant and interoperable. It is part of the .NET Foundation, and operates under their code of conduct. It is licensed under Apache 2 (an OSI approved license).

For the .NET 4.x, katana based version see Identity Server 3

5377 questions
2
votes
1 answer

Is it possible to use a single client RedirectUri for multi-tenant application in IdentityServer 4?

I have an IdentityServer 4 setup using SaasKit to support multi-tenant URL paths. This allows me to access the single IS4 instance in a multi-tenant way like so: https://localhost:5000/tenant/tenant1/.well-known/openid-configuration The IS4…
Mark
  • 1,059
  • 13
  • 25
2
votes
2 answers

User Registration and Login in .NET Core, where does IdentityServer come in?

I have read on IdentityServer 4 and have an understanding of what it tries to do, but I am still struggling to understand how it fits with what I am trying to do. Here's my situation. I want to build a .NET Core API that would power an x number of…
J86
  • 14,345
  • 47
  • 130
  • 228
2
votes
0 answers

IdentityServer IIS . An error occurred while sending the request. ---> System.Net.Http.WinHttpException: A security error occurred

I have the following problem I'm using Identityserver, when I run the application in visual studio everything works fine but when I run it in IIS it breaks,This happens when I use https. I'm using asp.net core 2 DiscoveryResponse response = await…
Esteban Lopez
  • 41
  • 1
  • 6
2
votes
1 answer

Sharing IdentityServer between multiple apps

Multiple apps, are under the same company, thus share users. Kinda like what Google does. The apps have different databases, storages and resource schemes, therefore different requirements as for resource authorization. The user can access apps…
Shy Agam
  • 1,285
  • 1
  • 13
  • 37
2
votes
1 answer

Identity Server 4: 401 instead of redirect for specific controllers

I'm adding a couple of controllers to my Identity Server 4 asp.net core mvc app. To be clear, I have added these to the IdentityProvider app (which I use for SSO), not a client app. When I send a request to my endpoint (ex. GET…
SeanM
  • 33
  • 5
2
votes
1 answer

Detecting if the IdentityServer user is logged in while on a page which is available to anonymous users

Using an ASP.NET Core 2 application with IdentityServer 4 as an identity provider. Using two ASP.NET MVC 5 applications which use the the above mentioned application as the authority for authentication. Using the implicit flow for…
Dejan Janjušević
  • 3,181
  • 4
  • 41
  • 67
2
votes
1 answer

IdentityServer4 Authorization returns 403 forbidden instead of 401

I am using isentittyserver4 and I authorized my controller or actions. [Authorize(Roles ="app.admin")] [Route("products")] public class ProductsController : Controller { } My token contains roles. I can access roles in User object…
barteloma
  • 6,403
  • 14
  • 79
  • 173
2
votes
0 answers

Can I add a second IdentityServer4 to my WebApi Authentication pipeline?

I have an WebApi (DemoService). I protect it with the IdentityServer4. If I request the Api with a Bearer token my DemoService makes some requests to be sure that I am allowed to access the DemoService. GET…
user606249
  • 71
  • 3
2
votes
0 answers

Explanation of IdentityServer4 logout spec

We are using IdentityServer4. We have a Windows 2016 server running ADFS (Active Directory Federation Services) version 4.0. This version of ADFS has OpenID Connect endpoints to do active directory authentication. We set this up as an external…
gilm0079
  • 595
  • 1
  • 4
  • 18
2
votes
0 answers

Why does the Identity Server 4 demo use an iframe for back channel logout

The example IS4 host app (LoggedOut.cshtml) uses an iframe for both front ánd back channel logout. The documentation also says that both flows are implemented via an iframe. However, if I'm looking at the source code, I don't really understand why…
Edwin
  • 733
  • 8
  • 20
2
votes
1 answer

Saml2 Single Logout (SingleLogoutServiceResponseUrl) with Sustainsys and Identity Server 4

I am using Sustainsys Saml2 with Identity Server 4. A customer has asked me if we support support SAML Single Logout. They have asked for: Single Logout Request URL Single Logout Response URL From what I can see this is probably supported by…
Fanetic
  • 522
  • 5
  • 15
2
votes
0 answers

Identity Server 4 with refresh token and External Provider + Refresh token

my system is composed of several entities IS - an identity provider (Identity Server 4) C - an hybrid client with refresh_token EP - OAuth 2.0 external provider When a user tries to log in C, he is redirected to IS Once in IS, he presses EP and…
Alexandre Costa
  • 318
  • 3
  • 16
2
votes
1 answer

.NET Core 2.0 Identity Server + MVC in Docker - build fails on MacOS

I'm trying to Docker-ize a .NET Core 2.0 app, which is an MVC app using Identity Server 4, from MacOS. I'm not able to find any info on this error message: MacBook-Pro-3:myproject myuser$ sudo docker build -t mycompany/myproject . Password: Sending…
Tsar Bomba
  • 1,047
  • 6
  • 29
  • 52
2
votes
2 answers

ASP.NET Core 2.0: Authorization failed for user: (null)

I am building an application where Web API and IdentityServer4 are inside the same .Net Core 2.0 project. This API is consumed by Aurelia SPA web app. IdentityServer4 set to use JWT and ImplicitFlow. Everything works good (Client app gets redirected…
graycrow
  • 3,675
  • 6
  • 26
  • 28
2
votes
1 answer

Asp.Net Identity with Entity Framework 6

In my solution I am using ef6 for persistence library targeting the full .NET framework For web API => ASPNetCore targeting the full .NET framework Now when it comes to use aspnetcore identity, it's dependent on EFCore 2.0 and VS is not able to…
Jamal Al-Madani
  • 21
  • 1
1 2 3
99 100