Author : MD TAREQ HASSAN | Updated : 2020/06/19
What is Identity Server?
- Identity Server (IdentityServer4) is an OpenID Connect and OAuth 2.0 framework for ASP.NET Core
- IdentityServer4 is redesigned for ASP.NET Core and .NET Core
- incorporates all the protocol implementations and extensibility points needed to integrate token-based authentication, SSO and API access control in your applications
- It can be used to make your application an authentication / single sign on server
- It can also issue access tokens for 3rd party clients
- companies using .NET to build identity and access control solutions for modern applications, including single sign-on, identity management, authorization, and API security
- IdentityServer is OpenID Certified and part of the .NET Foundation
- Founded and maintained by Dominick Baier and Brock Allen
It enables the following features in your applications:
- Authentication as a Service: Centralized login logic and workflow for all of your applications (web, native, mobile, services). IdentityServer is an officially certified implementation of OpenID Connect.
- Single Sign-on / Sign-out: Single sign-on (and out) over multiple application types.
- Access Control for APIs: Issue access tokens for APIs for various types of clients, e.g. server to server, web applications, SPAs and native/mobile apps.
- Federation Gateway: Support for external identity providers like Azure Active Directory, Google, Facebook etc. This shields your applications from the details of how to connect to these external providers.
- Focus on Customization: many aspects of IdentityServer can be customized to fit your needs. Since IdentityServer is a framework and not a boxed product or a SaaS, you can write code to adapt the system the way it makes sense for your scenarios.
See: Identity Server in dev-handy-sites#identity-server