Author : HASSAN MD TAREQ | Updated : 2020/06/19

What is Identity Server?

  • Identity Server (IdentityServer4) is an OpenID Connect and OAuth 2.0 framework for ASP.NET Core
    • IdentityServer4 is redesigned for ASP.NET Core and .NET Core
    • incorporates all the protocol implementations and extensibility points needed to integrate token-based authentication, SSO and API access control in your applications
  • It can be used to make your application an authentication / single sign on server
  • It can also issue access tokens for 3rd party clients
  • companies using .NET to build identity and access control solutions for modern applications, including single sign-on, identity management, authorization, and API security
  • IdentityServer is OpenID Certified and part of the .NET Foundation
  • Founded and maintained by Dominick Baier and Brock Allen


It enables the following features in your applications:

  • Authentication as a Service: Centralized login logic and workflow for all of your applications (web, native, mobile, services). IdentityServer is an officially certified implementation of OpenID Connect.
  • Single Sign-on / Sign-out: Single sign-on (and out) over multiple application types.
  • Access Control for APIs: Issue access tokens for APIs for various types of clients, e.g. server to server, web applications, SPAs and native/mobile apps.
  • Federation Gateway: Support for external identity providers like Azure Active Directory, Google, Facebook etc. This shields your applications from the details of how to connect to these external providers.
  • Focus on Customization: many aspects of IdentityServer can be customized to fit your needs. Since IdentityServer is a framework and not a boxed product or a SaaS, you can write code to adapt the system the way it makes sense for your scenarios.


See: Identity Server in dev-handy-sites#identity-server