Thinktecture Identity Server 3



Thinktecture’s Identity Server v3 is a .NET implementation of the OpenID Connect 1.0 and OAuth 2.0 specifications. The culmination of Dominick Baier and Brock Allen’s experience with security and token services, IdentityServer was written from scratch to meet OpenID Connect specifications, acting as your very own identity provider (aka an OpenID Connect Provider).

From the horse’s mouth:

IdentityServer is a framework and a hostable component that allows implementing single sign-on and access control for modern web applications and APIs using protocols like OpenID Connect and OAuth2. It supports a wide range of clients like mobile, web, SPAs and desktop applications and is extensible to allow integration in new and existing architectures.

So what does that mean? IdentityServer is all about authentication. It gives you a single, trusted source for issuing identities that represent the users of your applications. No more creating a login form and user credential store for every one of your applications. Authentication is hard, after all; with IdentityServer you implement it once and let it take care of the rest. This also gives you Single Sign On (SSO) out-of-the-box and the potential for Single Sign Off.

IdentityServer provides not only authentication, but also security for your web APIs. Implementing the OAuth 2.0 specification, IdentityServer can give you scoped access to your APIs, preventing unauthorized usage.

IdentityServer 3 is designed as an OWIN/Katana component and can be run embedded or as a standalone project. This design was built upon with the release of ASP.NET Core and IdentityServer 4, allowing IdentityServer to run on any manner of host with the UI now fully controlled by the implementor.
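To make the embedded hosting and scoped API access described above concrete, here is an added sketch (not code from the original post or the IdentityServer project) of an OWIN `Startup` class using the IdentityServer3 NuGet package. The scope name, client id, secret and certificate thumbprint are hypothetical placeholders, and the in-memory stores are used only to keep the example short.

```csharp
using System.Collections.Generic;
using System.Security.Cryptography.X509Certificates;
using IdentityServer3.Core.Configuration;
using IdentityServer3.Core.Models;
using IdentityServer3.Core.Services.InMemory;
using Owin;

public class Startup
{
    public void Configuration(IAppBuilder app)
    {
        var factory = new IdentityServerServiceFactory()
            .UseInMemoryScopes(new List<Scope>
            {
                // Resource scope standing for one protected API (name is hypothetical).
                new Scope { Name = "orders.read", Type = ScopeType.Resource }
            })
            .UseInMemoryClients(new List<Client>
            {
                new Client
                {
                    ClientId = "reporting-service",          // hypothetical client
                    ClientName = "Reporting service",
                    Flow = Flows.ClientCredentials,           // machine-to-machine, no user involved
                    // Only the hash is stored; the placeholder must come from secure configuration.
                    ClientSecrets = new List<Secret> { new Secret("REPLACE_WITH_SECRET".Sha256()) },
                    // Tokens for this client can carry this scope and nothing else.
                    AllowedScopes = new List<string> { "orders.read" }
                }
            })
            .UseInMemoryUsers(new List<InMemoryUser>());

        // Embedded hosting: IdentityServer is mapped into the existing OWIN pipeline.
        app.Map("/identity", idsrv => idsrv.UseIdentityServer(new IdentityServerOptions
        {
            SiteName = "Embedded IdentityServer (example)",
            Factory = factory,
            SigningCertificate = LoadSigningCertificate(),
            RequireSsl = true                                 // refuse plain-HTTP requests
        }));
    }

    // Reads the token-signing certificate from the machine store (thumbprint is a placeholder).
    private static X509Certificate2 LoadSigningCertificate()
    {
        var store = new X509Store(StoreName.My, StoreLocation.LocalMachine);
        store.Open(OpenFlags.ReadOnly);
        try { return store.Certificates.Find(X509FindType.FindByThumbprint, "PLACEHOLDER_THUMBPRINT", true)[0]; }
        finally { store.Close(); }
    }
}
```

A client not listed here, or one requesting a scope outside its `AllowedScopes`, is refused a token, which is how the scoped access mentioned above is enforced at the issuer.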

Out-of-the-box support is available for WS-Federation and the ASP.NET Identity and MembershipReboot user stores. There is also built-in support for external identity providers using the standard Microsoft libraries.

The initial release was pushed on 24 January 2015, and as of August 2015 (v2.0.0) IdentityServer 3 dropped the Thinktecture prefix. With the release of ASP.NET Core, IdentityServer 4 is now due for release in Q4 2016.

I’ve been working with Identity Server since October 2014 with varying degrees of success and have gone from zero to hero (or maybe just not a zero) with my security knowledge as a result. I’ve set up a GitHub repository and a full walkthrough on how to get started with IdentityServer 3 using a few different flows and client implementations.
