Day: May 10, 2018

Configure IdentityServer with Entity Framework (OIDC Part 6)

In this post, we are going to build upon our IdentityServer setup with ASP.NET Core Identity for user management by moving the previously hardcoded IdentityServer configuration data to the database. This enables dynamic change of how IdentityServer is configured instead of needed a rebuild of the server for every configuration change. For this, we are …

Configure IdentityServer with Entity Framework (OIDC Part 6) Read More »

OpenID Connect with IdentityServer and ASP.NET Core Identity (OIDC Part 5)

Great that you made it this far! Now we are getting closer to what would be a “normal” scenario. Until now we have played around with authenticating with client credentials, authorization code flow, and hybrid flow – all with hardcoded test users. Of course, this would not work in a production setup, so we will …

OpenID Connect with IdentityServer and ASP.NET Core Identity (OIDC Part 5) Read More »

OpenID Connect Hybrid Flow for calling resource API (OIDC Part 4)

In the last post we created an authorization code client, enabling the client to get the user claims from the id token, exchanged for the post-login authorization code. That way we were able to display the user roles on an authorized MVC view. This time, instead of getting the user roles from the userInfo endpoint …

OpenID Connect Hybrid Flow for calling resource API (OIDC Part 4) Read More »

Creating an OpenID connect system with Angular 8 and IdentityServer4 (OIDC part 1)

OpenID connect authentication with dotnet core and Angular will demonstrate how to set up an app that supports authentication and access control of certain resources in the system. This guide is based on the Identity Server docs which seems to favor a setup with a client, an Identity server and an API being with authorized resources. This …

Creating an OpenID connect system with Angular 8 and IdentityServer4 (OIDC part 1) Read More »

OpenID Connect Interactive authentication with Authorization Code Flow (OIDC Part 3)

In part 2 we created a simple OIDC setup using hard-coded client credentials for the client to obtain an access token, so it could invoke the resource API. In this post, we are gonna enable interactive login on the identity server with hard-coded test users using authorization flow. After the users have successfully logged in, …

OpenID Connect Interactive authentication with Authorization Code Flow (OIDC Part 3) Read More »

Creating identity server setup with client credential authentication (OIDC part 2)

In this post we are gonna take part 1 into action by creating a OpenID connect setup with a three server system using client credentials for authentication The three servers are: AuthorizationServer, implemented with IdentityServer4. ResourceApi, implemented with ASP.NET core and IdentityServer4.AccessTokenValidation Nuget package for access token validation. ClientApp, implemented as an ASP.NET MVC application with Angular …

Creating identity server setup with client credential authentication (OIDC part 2) Read More »