OpenID/Connect, OAuth2, WS-Federation and SAML 2.0 server based on Duende IdentityServer and ITfoxtec Identity SAML 2.0.
OpenID/Connect, OAuth2, WS-Federation and SAML 2.0 are protocols that enable secure authentication and authorization of users and applications on the web. They allow users to sign in with their existing credentials from an identity provider (such as Google, Facebook, Microsoft, Twitter and so on) and grant access to their data and resources on different platforms and services. These protocols also enable developers to create applications that can interact with various APIs and resources without exposing the user’s credentials or compromising their privacy. Some examples of applications that use these protocols are web browsers, mobile apps, web APIs, and single-page applications.
Duende IdentityServer is a framework that implements OpenID Connect and OAuth 2.0 protocols for ASP.NET Core applications. It allows you to create your own identity and access management solution that can integrate with various identity providers and APIs.
ITfoxtec Identity SAML 2.0 is a framework that implements SAML-P for both Identity Provider (IdP) and Relying Party (RP).
TheIdServer implements all Duende IdentityServer features and a SAML 2.0 Identity Provider, and comes with an admin UI.
Thanks to @ldeluigi and their markdown-docs GitHub action. All markdown files are deployed as HTML here.
Try it now at https://theidserver-duende.herokuapp.com/
login: alice
pwd: Pass123$
An in-memory database version is available on Heroku.
If you like or are using this project to learn or start your solution, please give it a star. Thanks!
Or if you're feeling really generous, we support sponsorships.
- Users management
- Roles management
- Clients management
- APIs management
- API scopes management
- Identities management
- Relying parties management
- External providers management
- Localizable
- Export/import configuration
- Keys management
- Server settings
- OpenID/Connect, OAuth2, WS-Federation and Saml2P server
- Large choice of database
- Dynamic external provider configuration
- Public / Private installation
- Docker support
- Claims providers
- External claims mapping
- Localizable
- OpenID Connect Dynamic Client Registration
- Auto remove expired tokens
- Keys rotation
- Create Personal Access Token
- Duende CIBA integration
- Token exchange (RFC 8693)
- Health checks
- OpenTelemetry
- Server side session
- Password hashing configuration
- Read the TheIdServer Duende Web Server to configure the Duende IdentityServer. You'll need to acquire a license for commercial use of this version.
- Read the TheIdServer Admin Application for application configuration.
You can build the solution with Visual Studio or use the `dotnet build` command.
To build the Docker images, run the following at the solution root:

```bash
docker build -t aguacongas/theidserver.duende:dev -f "./src/Aguacongas.TheIdServer.Duende/Dockerfile" .
docker build -t aguacongas/theidserverapp:dev -f "./src/Aguacongas.TheIdServer.BlazorApp/Dockerfile" .
```
We warmly welcome contributions. You can contribute by opening an issue, suggesting a new feature, or submitting a pull request.
Read How to contribute and Contributor Covenant Code of Conduct for more information.
The server passes the oidcc-basic-certification-test-plan with some warnings. It is anticipated that it will pass the certification process, but we need your assistance. Please sponsor this project to help us pay the required certification fee.
The old IS4 version has been removed from the solution as IS4 has reached its end of support.