Monday, August 10, 2015

Identity Server with ASP.NET

Identity Server and ASP.NET with Dominick Baier on the Hanselminutes Technology Podcast: Fresh Air for Developers
"Scott talks to Dominick Baier about identity on the web and in ASP.NET. Dominick and Brock Allen have a great series of open source products in the form of Identity Manager, Identity Server, and Identity Model. What does auth on today's web look like? How does Open ID Connect and OAuth work and how can you set it up in your websites today?"

"IdentityServer is a .NET/Katana-based framework and hostable component that allows implementing single sign-on and access control for modern web applications and APIs using protocols like OpenID Connect and OAuth2. It supports a wide range of clients like mobile, web, SPAs and desktop applications and is extensible to allow integration in new and existing architectures.

Watch this for the big picture: Introduction to OpenID Connect, OAuth2 and IdentityServer."

IdentityServer3 "The big Picture"
security protocols

"Authentication is needed when an application needs to know about the identity of the current user... The most common authentication protocols are SAML2p, WS-Federation and OpenID Connect
API Access
"Applications have two fundamental ways with which they communicate with APIs – 
  • using the application identity, or 
  • delegating the user’s identity. 
Sometimes both ways need to be combined.
OAuth2 is a protocol that allows applications to request access tokens from a security token service and use them to communicate with APIs...

OpenID Connect and OAuth2 – better together

OpenID Connect and OAuth2 are very similar – in fact OpenID Connect is an extension on top of OAuth2. This means that you can combine the two fundamental security concerns – authentication and API access into a single protocol – and often a single round trip to the security token service."

No comments: