Skip to main content

Questions tagged [identityserver4]

Ask Question

OpenID Connect Provider and OAuth 2.0 Authorization Server Framework based on ASP.NET Core

identityserver4
5,435 questions
Newest Active Bountied Unanswered
0 votes
1 answer
221 views

Why should I use OAuth,SAML,Identity Server

We have many web applications and want to integrate SSO.What is the benefit of using OAuth,SAML,Identity Server. What is different from making a custom webapi that produce token and authenticate user.
Numan KIZILIRMAK's user avatar
Numan KIZILIRMAK
  • 565
1 vote
1 answer
3k views

How do I get the user claims after I have logged in with IdentityServer 4?

I have used this sample to setup IdentityServer4 with angular and WebApi (ASP.NET Core): https://github.com/damienbod/AspNet5IdentityServerAngularImplicitFlow Everything is working, I can login and ...
n3tx's user avatar
n3tx
  • 429
1 vote
0 answers
123 views

Surfacing large image tags that require api authentication

I'm working with a system that is currently switching from using cookie authentication to identity server. The front end of the application is a SPA using KnockoutJS. The SPA has access to a WebAPI ...
Manatherin's user avatar
Manatherin
  • 4,179
40 votes
2 answers
52k views

Identity Server 4 Authorization Code Flow example

I'm trying to implement Identity Server 4 with AspNet Core using Authorization Code Flow. The thing is, the IdentityServer4 repository on github have several samples, but none with Authorization Code ...
Rafael Miceli's user avatar
Rafael Miceli
  • 2,094
5 votes
1 answer
3k views

IdentityServer 4 using IIS

I'm trying to work with IdentityServer 4. For now I'm using this link https://github.com/IdentityServer/IdentityServer4.Samples as example. My problem is that using http://localhost:22530/ ...
Vladimir Rodchenko's user avatar
Vladimir Rodchenko
  • 1,062
1 vote
0 answers
616 views

Generating a valid JWT

I've been getting into using Identity Server 4 this weekend, and I've mostly been impressed with the ease and it feels like I've gotten a good grip for the procedure for creating an access_token. Been ...
bialad's user avatar
bialad
  • 75
3 votes
1 answer
2k views

Using database instead of in memory store Identity server 4

Please guide me how we can customize identityserver 4 to use database instead of in memory store. List of class that need to be overridden and how they are to be configured
harmeet's user avatar
harmeet
  • 137
7 votes
2 answers
2k views

The User.IsInRole("Administrators") with IClaimsTransformer always false

I add the role administrators to user claims after authentication with an IClaimsTransformer impelimentation like this: (principal.Identity as ClaimsIdentity).AddClaim(new Claim(ClaimTypes.Role, "...
Mike Anderson's user avatar
Mike Anderson
  • 758
5 votes
1 answer
941 views

asp.net 5 and IdentityServer4

I am working on a prototype for a site re-architecture using ASP.NET 5 and I am debating using IdentityServer4 for my Authentication and Authorization. I have reviewed a lot of samples and articles ...
user1041169's user avatar
user1041169
  • 709
3 votes
1 answer
1k views

How to implement identity server 3 localization

I have an identityserver3 as a separate server for authenticating multiple client. I want to localize it and i used IdentityServer3.Contrib.Localization for that, now i know that this is it's usage: ...
Marzouk's user avatar
Marzouk
  • 2,670
14 votes
1 answer
13k views

How to make IdentityServer to add user identity to the access token?

Short: My client retrieves an access token from IdentityServer sample server, and then passes it to my WebApi. In my controller, this.HttpContext.User.GetUserId() returns null (User has other claims ...
LOST's user avatar
LOST
  • 3,145
1 vote
2 answers
165 views

Is the implicit client security is fragile or my concerns is not valid

I am using the implicit client in the identity server, in the other hand there is a native android app, My security concerns is: 1- App reverse engineering: if the attacker get access to the ...
HB MAAM's user avatar
HB MAAM
  • 3,972
0 votes
1 answer
113 views

IdenityServer in an enterprise environment - Resolve user information across multiple databases

We use the IdentityServer3 as our central authentication provider. Now I have a general question about the IdenityServer in an enterprise environment. I try to explain it with the following example: ...
Martin Schagerl's user avatar
Martin Schagerl
  • 603
21 votes
4 answers
16k views

How would I generate the Identity Server signing certificate

In the identity server samples we find code like this in Startup.cs var certFile = env.ApplicationBasePath + "\\idsrv3test.pfx"; var signingCertificate = new X509Certificate2(certFile, "idsrv3test");...
sunil's user avatar
sunil
  • 5,138
0 votes
1 answer
2k views

OAuth 2.0 Single-use Access Token for unauthenticated user via IdentityServer4

I apologies in advance for incorrect use of oauth terms. I have 4 "parties" as follows (intentionally not using oauth terms where possible): End-user in a browser (javascript) Our website (aspnet) ...
Smudge202's user avatar
Smudge202
  • 4,689

15 30 50 per page
1
359 360 361
362
363