You can find all .Net core posts here.
Once I explored and wrote about Authentication in .Net Core using Identity here, many people have asked me to explore and write on IdentityServer4.
So I am starting a series of posts in which I will mainly concentrate on IdentityServer4
In this first post, we will see some of the basics of IdentityServer4.
Nowadays, securing your application with username and password is not just enough. The number of cyber attacks is increasing day by day and to secure your application\APIs – you need a solid authentication and authorization system.
As you can see in above picture, Modern applications are not just simple Server-Client applications but are more like – Web Application calls -> Web API, Client Apps calls -> Web API, Native apps call -> Web API, Web API calls -> Web API etc. In this complex structure, we need a token-based security.
Along with having a solid authentication & authorization system, we also need to have a centralized Auth logic for all our applications\APIs.
To achieve all of them – it would take much time and efforts to build this authentication & authorization system. But we can just use a ready-made framework for all our need of authentication and authorization – That framework is called IdentityServer4
What is IdentityServer4?
- IdentityServer4 is the newest version of the IdentityServer
- IdentityServer4 is open source OpenID Connect and OAuth 2.0 framework for ASP.NET Core
- IdentityServer4 acts as a central authentication server for multiple applications
- It is a hostable component that allows implementing single sign-on and access control for modern web applications and APIs using protocols like OpenID Connect and OAuth2
- IdentityServer4 is part of .Net foundation
So in simple words:
- If we want to implement OpenId standard then we need to implement all the rules of the standard but building that is quite hard and time-consuming
- So what if we have a component or a framework which implements all those codes for us and we can just plug it in our application? – That is nothing but the IdentityServer4
- IdentityServer4 is a piece of software that issues security tokens to the clients
- IdentityServer4 is responsible for creating a complete authentication service, with single session input and output for various types of applications, such as mobile, web, native or even other services
- With the use of IdentityServer4, we just need to create a login and logout page (and maybe consent), and rest of the things can be done by IdentityServer4 middleware. Thus client applications can communicate to it using those standard protocols
- IdentityServer4 can be used for securing web APIs as well
Example
As you can see in above picture:
- Users are human which needs to access the resources of the application, APIs etc
- Client is a piece of code which internally calls the IdentityServer4
- Client requests the token from the IdentityServer4 either to authenticate user which is nothing but the Identity tokens or to gain the access to the resources which is nothing but the Access tokens
- Identity token contains all the identity data of the user and used for user authentication
- Access token contains the information about the client & user and use to access the APIs
- Resources are all those important data which are protectable – like the user details, passwords, Fingerprints, Voice phrases of the user, APIs etc
- IdentityServer4 is our hero here – IdentityServer4 is used to issue the security tokens to clients
Some of the features of IdentityServer:
- Authentication as a service – Centralized logic for Login for all the applcations\APIs etc
- It can be used to protect your resources
- It is an Open Source Identity Provider
- Authentication of the users and\or clients
- Single Sign-on
- Can be used to secure the APIs
- provide session management
- To issue identity and access tokens to clients
- To validate tokens
- Gateway to third-party identity providers like Facebook, Google etc.
Last but not the least – Special thanks to Dominick Baier and Brock Allen for creating such an awesome IdentityServer framework.
In the next post, we will see how to create the IdentityServer4 server.(Update – Part II is available here)
Hope it helps.
Neel Bhatt 
Hi Neel.. have you spelled the new server names correct? “IndeityServer4” – I can’t find any results of this string in Google.
LikeLike
Oh yes it was by mistake. It is nothing but the IdentityServer4. Thanks a lot for pointing that Gopinath 🙂
LikeLike
Reblogged this on sharepointswe.
LikeLiked by 1 person
At one time, Slime, the biggest metropolis in Malta, had many very
lower priced guest house in Bedfordview. This changed
into earlier than the “discovery” of Malta
as a visitor vacation spot. Regrettably, guest homes have disappeared;
the tourism department does now not assume they contribute to a wonderful photo of the island.
LikeLike
Thhis is the right website for anyone who hopes
to understand this topic. You realizze so much its almost
tough too argue with you (not that I personally would want to…HaHa).
You certainly put a neww spin on a topic that has been discussed for decades.
Wonderful stuff, just wonderful!
LikeLike
Nice post. I was checking continuously this blog and
I’m impressed! Extremely useful information particularly
the remaining section 🙂 I take care of such information a lot.
I was seeking this particular information for a long time.
Thank you and best of luck.
LikeLike