Creating an OpenIdConnect Identity Provider with IdentityServer
Kista May 24, 2023, 9:00 AM - 5:00 PM
Microsoft MVP, Pluralsight author, ASP.NET insider
Using an OpenIdConnect Identity Provider has become the standard for authentication in many organizations. The cloud offers you many ready-to-go options but often these are not flexible enough.
The open-source IdentityServer lets you build your own and is designed with flexibility in mind. In this workshop, I'll go through all the details. We'll go way beyond the "hello world" demo: At the end of the day you'll know how to create a usable identity provider suitable for production and you'll have a good idea of both the basic and more advanced features of IdentityServer.
Here are the major topics:
- What is an identity provider?
- OpenIdConnect terminology (users, resources, clients)
- Show a simplified token service with in-memory data
- Show how to consume it with clients and apis
- Add database support (built-in EF contexts)
- Creating a custom user datastore
- How to add support for users
- Using Identity as a user store
- Adding claims with a profile service
- Grants and flows
- Using refresh tokens
- Using reference tokens
- Adding support for external identity providers (google, facebook, ad)
- Using the id token for all kinds of authorization data is not a good idea
- Creating an authorization service to cope with this