IdentityServer articles, news and blog RSS feed Web Development (C) 2026 IdentityServer https://www.identityserver.com https://www.identityserver.com/media/xudfjjng/favicon.png https://www.identityserver.com Sun, 22 Mar 2026 09:09:08 GMT en-GB daily 1 A case study on how we helped a Pet technology company upgrade their SSO solution, with no down time https://www.identityserver.com/articles/modernising-single-sign-on-for-pitpatpet Mon, 23 Feb 2026 00:00:00 GMT https://www.identityserver.com/articles/modernising-single-sign-on-for-pitpatpet Andrew Clymer 3f0b5021-f7b3-4c31-a44a-ca4cb7d7508e A case study on helping Nailor transition from legacy identity infrastructure to a supported, future‑proof authentication platform. https://www.identityserver.com/articles/upgrading-from-identityserver4-to-duende Wed, 11 Feb 2026 00:00:00 GMT https://www.identityserver.com/articles/upgrading-from-identityserver4-to-duende Andrew Clymer 2bba199e-e967-4d86-89e8-8da89227b741 Aspire brings powerful tools to streamline development and enhance your project’s capabilities. But how can you implement it in your identity solution? https://www.identityserver.com/articles/run-identityserver-and-adminui-with-aspire Mon, 30 Jun 2025 00:00:00 GMT https://www.identityserver.com/articles/run-identityserver-and-adminui-with-aspire Nacho Escrig ede16960-bb20-4774-92f8-2cefd41c3790 How to use Zuplo API Gateway to protect your HTTP API using an external Policy Decision Point https://www.identityserver.com/articles/external-authz-policy-for-zuplo-api-gateway Tue, 27 May 2025 00:00:00 GMT https://www.identityserver.com/articles/external-authz-policy-for-zuplo-api-gateway Jerrie Pelser 4e578917-5dea-4e52-ba3c-7c59e5cf9f5d https://www.identityserver.com/articles/twofactorsmsisdead Wed, 21 May 2025 00:00:00 GMT https://www.identityserver.com/articles/twofactorsmsisdead Andrew Clymer 237d6ebd-9b39-4bee-9e75-9df1da1bd02b https://www.identityserver.com/articles/enforcer-50-is-here-smarter-authorization-now-authzen-ready Mon, 05 May 2025 00:00:00 GMT https://www.identityserver.com/articles/enforcer-50-is-here-smarter-authorization-now-authzen-ready Patrick Allwood b33e304a-7c86-4968-9f1d-c6dcf079516d https://www.identityserver.com/articles/inclusive-secure-and-verified-the-future-of-digital-identity-verification Thu, 27 Mar 2025 00:00:00 GMT https://www.identityserver.com/articles/inclusive-secure-and-verified-the-future-of-digital-identity-verification Andrew Clymer 86a7b01d-c773-4d00-97a8-0be8064f124a https://www.identityserver.com/articles/why-passkeys-are-the-future-of-accessible-authentication Tue, 11 Mar 2025 00:00:00 GMT https://www.identityserver.com/articles/why-passkeys-are-the-future-of-accessible-authentication Sean Farrow 47c89f7f-7834-49b1-aa6f-203497499d32 Implementation of the draft-ietf-scim-cursor-pagination-05 https://www.identityserver.com/articles/scim-cursor-pagination Tue, 15 Oct 2024 00:00:00 GMT https://www.identityserver.com/articles/scim-cursor-pagination Andrew Clymer f41670cb-bccc-412a-b7f0-b769097467f3 V4.0 of our FIDO2/Passkey component uses a FIPS 140-3 certified cryptographic module. https://www.identityserver.com/articles/fips-and-fido2passkeys Mon, 14 Oct 2024 00:00:00 GMT https://www.identityserver.com/articles/fips-and-fido2passkeys Andrew Clymer 2f78024b-8183-4940-a967-8752c93c3c8a Moving your local Single-Sign-On (SSO) solution onto production can be scary, but with this essential configuration, you will be on the right track. https://www.identityserver.com/articles/moving-your-adminui-all-in-one-template-solutions-from-your-local-machine-into-production Sun, 28 Apr 2024 00:00:00 GMT https://www.identityserver.com/articles/moving-your-adminui-all-in-one-template-solutions-from-your-local-machine-into-production Nacho Escrig e5ba820f-c2a1-4da5-bc36-ef1fa450af30 What is a Phishing attack? What can organizations do to prevent phishing attacks? How does EvilJinx and FIDO come into play? https://www.identityserver.com/articles/mitigate-phishing-attacks Mon, 15 Jan 2024 00:00:00 GMT https://www.identityserver.com/articles/mitigate-phishing-attacks Kevin Jones 81ebd7bc-2609-461a-bc0a-ba1173d3ff2a When discussing security, we often divide it into two parts: authentication and authorization. So, what's the difference between the two? When should I be using a claim, and why shouldn't i use it to drive policy? https://www.identityserver.com/articles/dont-use-claims-for-authorization Thu, 23 Nov 2023 00:00:00 GMT https://www.identityserver.com/articles/dont-use-claims-for-authorization Kevin Jones 564dcb9e-f000-4ff0-90b3-20cbd07f419b Enforcer 3.0 makes it even easier to develop and maintain authorization policy written in ALFA. The 3.0 release enhances the IDE experience, providing tools such as rename, goto definition and find all references https://www.identityserver.com/articles/writing-authorization-policy-just-got-easier Mon, 25 Sep 2023 00:00:00 GMT https://www.identityserver.com/articles/writing-authorization-policy-just-got-easier Andrew Clymer efdcb04a-9ac6-49ab-a104-f901ad963506 Do you want to create a Single Sign-On (SSO) solution based on Duende IdentityServer? Do you want a management UI for managing users and IdentityServer configuration? Then look no further; our Duende IdentityServer & AdminUI code template will have you up and running in less than 15 minutes. https://www.identityserver.com/articles/duende-identityserver-plus-adminui-quick-start-template Mon, 28 Aug 2023 00:00:00 GMT https://www.identityserver.com/articles/duende-identityserver-plus-adminui-quick-start-template Nacho Escrig 07dd52ca-47ac-4da1-958b-a4ecd96ec5e1 At first glance SMS sounds like a reasonable technology for password reset. However, it's far from it. https://www.identityserver.com/articles/is-sms-a-sensible-choice-for-password-reset Tue, 22 Aug 2023 00:00:00 GMT https://www.identityserver.com/articles/is-sms-a-sensible-choice-for-password-reset Andrew Clymer 8998324d-33a2-4df2-9863-db17b29e5717 It is important to consider the potential risks associated with using email as a form of two-factor authentication. It may be worth exploring alternative options that offer increased security. https://www.identityserver.com/articles/the-dangers-of-considering-email-as-two-factor-authentication Tue, 27 Jun 2023 00:00:00 GMT https://www.identityserver.com/articles/the-dangers-of-considering-email-as-two-factor-authentication Paul Brummitt 8ec1bcdc-78b7-4f5e-a93a-194d79724d84 Discover the Dynamic Authentication Providers feature for AdminUI, including its functionality and a video demonstration. https://www.identityserver.com/articles/using-dynamic-authentication-providers-feature-in-duende-identityserver-with-adminui Tue, 02 May 2023 00:00:00 GMT https://www.identityserver.com/articles/using-dynamic-authentication-providers-feature-in-duende-identityserver-with-adminui Kieran Odinius 6580caaa-1b14-4275-b88a-b52c8cfa0676 Since its inception, AdminUI has been an application requiring no development effort to get it running. However, it is not as flexible as some of our customers require. So let's fix that! https://www.identityserver.com/articles/adminui-as-a-framework Tue, 28 Feb 2023 00:00:00 GMT https://www.identityserver.com/articles/adminui-as-a-framework Andrew Clymer 8386b33c-c319-4070-86a5-d56d326b4a28 As of January 2023, Rock Solid Knowledge is proud to announce that we are a Certified B -Corporation™. B Corp questions assess every aspect of your organisation - from the environment to governance to how we treat our workers and customers. https://www.identityserver.com/articles/first-ids-bcorp Wed, 22 Feb 2023 00:00:00 GMT https://www.identityserver.com/articles/first-ids-bcorp Kieran Odinius 825483eb-07c2-4fd2-8b3a-1553fdb18b5e Client-Initiated Backchannel Authentication (CIBA) is a new OpenID Connect specification that describes decoupled authentication flows. This article describes how to implement a CIBA flow inside Duende IdentityServer. https://www.identityserver.com/articles/ciba-in-identityserver Wed, 16 Nov 2022 00:00:00 GMT https://www.identityserver.com/articles/ciba-in-identityserver Ben Archer f3f23dfb-cd51-4b4a-b727-30064cd702fc IdentityServer4 will no longer be supported from 13th December 2022. We outline our product-specific support and migration steps to Duende IdentityServer https://www.identityserver.com/articles/identityserver4-eol Fri, 04 Nov 2022 00:00:00 GMT https://www.identityserver.com/articles/identityserver4-eol Kieran Odinius 04bb5883-3f08-42dd-b792-fcec32539337 Are you looking to support WS-Federation clients into your IdentityServer? If so, this tutorial will help you implement a cross-protocol SSO. https://www.identityserver.com/articles/ws-federation-integration-with-duende-identityserver Tue, 11 Oct 2022 00:00:00 GMT https://www.identityserver.com/articles/ws-federation-integration-with-duende-identityserver Sundas Choudry c47f85e5-7df4-4862-a2f8-c264cee626f9 AdminUI now supports custom identity implementations for users with their own identity schemas or extensions of the ASP.NET Identity schema. https://www.identityserver.com/articles/adminui-63-release-notes Wed, 21 Sep 2022 00:00:00 GMT https://www.identityserver.com/articles/adminui-63-release-notes Sam Brinsden 6d8766f7-01e1-4e9f-a094-fede4390bc57 Creating a secure login experience that defends against password stuffing and spraying can lead to an unpleasant user experience. Using Risk-Based Authentication allows you to adapt the login experience based on the current threat level, resulting in a secure and, more often than not, pleasant user experience. https://www.identityserver.com/articles/what-is-risk-based-authentication Thu, 18 Aug 2022 00:00:00 GMT https://www.identityserver.com/articles/what-is-risk-based-authentication Andrew Clymer 310560e3-e287-4105-a7ef-e05bd2cc1b31 IdentityServer uses a persisted grants table to store reference and refresh tokens. Clean-up code needs to be run periodically to remove expired tokens. The built-in functionality works for small/medium usage, but alternative approaches should be considered for high usage. This article outlines an alternative approach using a SQL stored procedure. https://www.identityserver.com/articles/efficient-cleaning-up-of-the-persisted-grant-table Mon, 15 Aug 2022 00:00:00 GMT https://www.identityserver.com/articles/efficient-cleaning-up-of-the-persisted-grant-table Andrew Clymer 28466f14-44d4-42d3-a710-0a52b8ce432b Are you looking to support SAML clients or external SAML identity providers in your IdentityServer? If so, this tutorial will help you implement a cross-protocol SSO. https://www.identityserver.com/articles/saml-20-integration-with-duende-identityserver Fri, 29 Jul 2022 00:00:00 GMT https://www.identityserver.com/articles/saml-20-integration-with-duende-identityserver Sundas Choudry 6bff30c1-cf96-4d7e-93e4-228c3784f7eb To align AdminUI and Duende IdentityServer licensing, newly purchased copies of AdminUI come with a lower cost annual license https://www.identityserver.com/articles/new-adminui-licensing Mon, 04 Apr 2022 00:00:00 GMT https://www.identityserver.com/articles/new-adminui-licensing Kieran Odinius 27704a60-1039-4c6d-816b-0514cc92f08d This article will build upon your existing OAuth knowledge to learn about Open Banking’s architecture, its new acronyms, and what implementation is the best fit for you. https://www.identityserver.com/articles/open-banking-for-oauth-developers Tue, 08 Mar 2022 00:00:00 GMT https://www.identityserver.com/articles/open-banking-for-oauth-developers Scott Brady 43e05060-97fa-4dab-bed7-5d1e36d1bbfa Rsk.Saml v5 includes new features, improvements and breaking changes. Such as support for .NET 6, Duende IdentityServer v6 and HTTP Artifact binding. https://www.identityserver.com/articles/rsksaml-v5-release-notes Tue, 08 Feb 2022 00:00:00 GMT https://www.identityserver.com/articles/rsksaml-v5-release-notes Sundas Choudry 5f720f21-4653-44b7-bfa0-93858d8bfd17 Duende IdentityServer (IDS) 6 was released earlier this year – our products continue to support the framework in its latest update. https://www.identityserver.com/articles/duende-identityserver-v6-product-releases Mon, 07 Feb 2022 00:00:00 GMT https://www.identityserver.com/articles/duende-identityserver-v6-product-releases Kieran Odinius 9f2f73c7-e439-48bf-88cd-0bc50fc90128 SAML implementations typically exchange sensitive user data via the browser. This considerably increases the attack surface of your Single Sign-On (SSO) solution. Luckily, SAML offers an alternative mechanism called HTTP Artifact binding that allows protocol messages to be transported more securely. https://www.identityserver.com/articles/improving-saml-sso-security-using-http-artifact-binding Thu, 18 Nov 2021 00:00:00 GMT https://www.identityserver.com/articles/improving-saml-sso-security-using-http-artifact-binding Sundas Choudry 4338aca5-e3d6-4fff-b2b6-4f2137bb84d6 If you are new to SSO, the learning curve can appear quite daunting; not only do you have to change the way your applications perform authentication, you also need to configure and deploy the single sign-on server. Our All in one solution gets you started in minutes. https://www.identityserver.com/articles/getting-started-with-sso Wed, 01 Sep 2021 00:00:00 GMT https://www.identityserver.com/articles/getting-started-with-sso Andrew Clymer 3b7c5f8b-63e4-47ee-a46b-ac406faee78c AdminUI has recently been made available as a universal project, meaning we now support a Linux installation scenario rather than recommending Docker as a multiplatform approach. This article will go through the steps needed to get AdminUI up and running on Linux. https://www.identityserver.com/articles/installing-identityserver-and-adminui-on-linux Thu, 24 Jun 2021 00:00:00 GMT https://www.identityserver.com/articles/installing-identityserver-and-adminui-on-linux Sam Brinsden 5756368b-248f-4cfb-9755-8cda2f4b27a0 Microservices is a common architectural pattern, but how best to integrate it with Attribute Based Access Control (ABAC). https://www.identityserver.com/articles/implementing-abac-in-a-microservice-architecture Fri, 05 Mar 2021 00:00:00 GMT https://www.identityserver.com/articles/implementing-abac-in-a-microservice-architecture Andrew Clymer b863a95f-a469-4d47-b972-9a731bf23517 An account enumeration attack involves an attacker attempting an action, such as authentication or password reset, and looking for differences between responses to gain information on the system. Learn how to harden your SSO solution against these attacks. https://www.identityserver.com/articles/account-enumeration-how-to-harden-your-sso-solution Fri, 26 Feb 2021 00:00:00 GMT https://www.identityserver.com/articles/account-enumeration-how-to-harden-your-sso-solution Jo Stevens 02c05796-0ebf-46bc-85e0-326007897280 SAML works really well for server-side applications, providing single sign-on across your applications. But can you use SAML with modern application types such as SPAs and mobile apps? https://www.identityserver.com/articles/why-you-wouldn-t-use-saml-in-a-spa-and-mobile-app Mon, 01 Feb 2021 00:00:00 GMT https://www.identityserver.com/articles/why-you-wouldn-t-use-saml-in-a-spa-and-mobile-app Sundas Choudry d365a9de-a5a0-4f9e-aa59-e9131e1fb547 When will products be supporting Duende IdentityServer? Will I have to pay for my component to work with Duende IdentityServer? How can I keep up to date with product releases? https://www.identityserver.com/articles/announcing-support-for-duende-identityserver Fri, 22 Jan 2021 00:00:00 GMT https://www.identityserver.com/articles/announcing-support-for-duende-identityserver Kieran Odinius f4d8c7d6-bf31-4f9d-ba2d-2fb2227394f7 SAML support for Duende IdentityServer is now available. Over the past few months, we have been updating our SAML component to work with both IdentityServer4 and Duende IdentityServer. As a result, we have split our component into separate packages to handle SAML identity provider and service provider functionality. https://www.identityserver.com/articles/rsksaml-v4 Wed, 20 Jan 2021 00:00:00 GMT https://www.identityserver.com/articles/rsksaml-v4 Scott Brady a7ee96fc-aefb-4a59-be89-393337c6a3fa Applications are designed to deliver functionality to users - this is their primary goal. However, commonly, not all users can do everything in an application: features may be sensitive, they may need a premium subscription, or someone may need to give the user explicit permission to access their data. Delivering this "limiting" of functionality is also a critical part of application design. This article explores options for controlling access to functionality and assesses their strengths and weaknesses https://www.identityserver.com/articles/authorization-what-are-my-options Mon, 14 Dec 2020 00:00:00 GMT https://www.identityserver.com/articles/authorization-what-are-my-options Andrew Clymer c1546265-965e-4c49-b610-6be4c2ad4a0f Looking to get started with IdentityServer and AdminUI? Rock Solid Knowledge has released four new online tutorials to help you kick start your single sign-on solution (SSO). https://www.identityserver.com/articles/online-tutorials-for-getting-started-with-identityserver4-and-adminui Mon, 09 Nov 2020 00:00:00 GMT https://www.identityserver.com/articles/online-tutorials-for-getting-started-with-identityserver4-and-adminui Kieran Odinius e552f772-d379-4da8-b384-2d848486553d The increasing complexity of the digital world is making single sign-on solutions (SSOs) more popular. Understand the benefits in its personal use and across your business, how it can improve employee productivity, and their work experience. https://www.identityserver.com/articles/the-benefits-of-ssos-for-your-business Mon, 02 Nov 2020 00:00:00 GMT https://www.identityserver.com/articles/the-benefits-of-ssos-for-your-business Briean Jenich 3ff1cece-2242-454a-97e8-32ff80be79d5 IdentityServer has reached such a level of adoption that building and maintaining it has become a considerable effort. The creators, Dominick and Brock, have decided that this is no longer tenable with free/sponsored development. Therefore, they have announced the next version of IdentityServer (Duende IdentityServer) will require a paid for license for commercial use. https://www.identityserver.com/articles/identityserver-vnext-duende-identityserver Thu, 01 Oct 2020 00:00:00 GMT https://www.identityserver.com/articles/identityserver-vnext-duende-identityserver Andrew Clymer 36eca3f5-ab64-4397-a13f-5dbe835d496e AdminUI 4.0 now supports IdentityServer v4, changes to API resources and scopes, and additional ways to download and run AdminUI. https://www.identityserver.com/articles/adminui-40-release-notes Wed, 30 Sep 2020 00:00:00 GMT https://www.identityserver.com/articles/adminui-40-release-notes Kieran Odinius c8c8b402-ab5e-4233-8045-edf6d10613d7 Managing user identities across cloud-based architectures can be difficult. By using the SCIM standards we can make this task simpler and more cost effective. This article will cover what SCIM is, why we use SCIM and give you a chance to preview the new SCIM for ASP.NET component from Rock Solid Knowledge. https://www.identityserver.com/articles/managing-identities-across-cloud-based-applications-and-services-with-scim Wed, 16 Sep 2020 00:00:00 GMT https://www.identityserver.com/articles/managing-identities-across-cloud-based-applications-and-services-with-scim Alex Jones 5a1f7d41-906e-4273-9c1c-b030ca65ca84 SAML support for IdentityServer4 v4 is now available. Over the past few months, we have been building new features in our SAML IdP & SP component, culminating in 6 minor releases and 2 major releases. https://www.identityserver.com/articles/rsksaml-v3 Fri, 04 Sep 2020 00:00:00 GMT https://www.identityserver.com/articles/rsksaml-v3 Scott Brady 3e73a50c-19dc-47d3-8143-db8d03cd9f3f AdminUI 3.1 includes: clone client, two new client secret types, no more tokens in the browser, a new installer, redesigned client settings and more. https://www.identityserver.com/articles/adminui-310 Thu, 20 Aug 2020 00:00:00 GMT https://www.identityserver.com/articles/adminui-310 Kieran Odinius 62d370bf-3933-4ec3-a4cb-bcad32982fa0 Looking to get started with FIDO2 for ASP.NET and WebAuthn? Rock Solid Knowledge has released 4 new online tutorials to help you implement our “FIDO2 for ASP.NET” component. https://www.identityserver.com/articles/online-tutorials-for-fido2-for-aspnet Thu, 16 Jul 2020 00:00:00 GMT https://www.identityserver.com/articles/online-tutorials-for-fido2-for-aspnet Scott Brady 4914e336-c4e3-4adf-bc48-06e7d7327c9e With the release of IdentityServer4 v4 comes new features, and with those features come model changes. To account for the model changes, your database needs to be updated. https://www.identityserver.com/articles/migrating-your-identityserver4-v3-database-to-identityserver4-v4 Thu, 09 Jul 2020 00:00:00 GMT https://www.identityserver.com/articles/migrating-your-identityserver4-v3-database-to-identityserver4-v4 Alex Jones c4e2399c-cef0-4940-9720-1893bf9f9f79 Physical biometrics, such as fingerprint or facial recognition, are super useful when logging into mobile apps. It allows the user to prove their presence without having to manage a password or go through a Multi-factor Authentication (MFA) process. So why can't you use biometrics in the browser? https://www.identityserver.com/articles/using-biometrics-in-aspnet-core Mon, 06 Jul 2020 00:00:00 GMT https://www.identityserver.com/articles/using-biometrics-in-aspnet-core Scott Brady c055b746-a6a4-414b-997e-620332659741 Guided walkthrough on how you can use AdminUI to only manage your IdentityServer configuration. https://www.identityserver.com/articles/using-adminui-to-only-manage-your-client-applications Thu, 18 Jun 2020 00:00:00 GMT https://www.identityserver.com/articles/using-adminui-to-only-manage-your-client-applications Jo Stevens 23dbb44e-4bd0-4108-87fc-fe19c76d7fe8 Confirmation of identity is central to all security decisions. A whole host of decisions are made based on a user proving who they are. Failing to successfully prove identity means the entire authorization system comes crashing down. https://www.identityserver.com/articles/strong-authentication-without-the-drama Tue, 09 Jun 2020 00:00:00 GMT https://www.identityserver.com/articles/strong-authentication-without-the-drama Andrew Clymer a38a8b3c-2b2c-455e-be6b-ec64da505d56 Learn how to create a self-service portal for user claims https://www.identityserver.com/articles/adminuis-user-settings-endpoints Thu, 28 May 2020 00:00:00 GMT https://www.identityserver.com/articles/adminuis-user-settings-endpoints Joe Harvey 4ef112ce-416e-42bc-9d83-755e8f5a085c SAML single sign-on (SSO) allows the end-user to securely authenticate across multiple applications by logging in once using one set of credentials. However, authentication is only the first half of the story. https://www.identityserver.com/articles/the-challenge-of-building-saml-single-logout Wed, 27 May 2020 00:00:00 GMT https://www.identityserver.com/articles/the-challenge-of-building-saml-single-logout Sundas Choudry e14aaf1c-7512-4b59-aae8-44f67ecd6481 Companies with multiple systems that each require users to login and manage different accounts have an increased cost of ownership. Single sign-on solutions provide a reduced cost of ownership. There are many out there but which one is best for you? https://www.identityserver.com/articles/choosing-a-single-sign-on-solution Tue, 19 May 2020 00:00:00 GMT https://www.identityserver.com/articles/choosing-a-single-sign-on-solution Andrew Clymer 235333ef-48e5-40ad-95f3-4568a84fb05f IdentityServer provides access tokens for clients to access protected resources and identity tokens for describing user authentication. Find out how the KeyManagement component automatically rotates keys for you https://www.identityserver.com/articles/why-you-need-to-rotate-your-signing-keys Fri, 01 May 2020 00:00:00 GMT https://www.identityserver.com/articles/why-you-need-to-rotate-your-signing-keys Andrew Clymer c0523247-6605-477c-a7ee-6e4fbb1f6680 We are happy to announce that AdminUI 3.0.0 now runs on ASP.NET Core 3.1. Alongside the migration we have added a new client wizard to support Proof-key for Code Exchange (PKCE) for Web apps. https://www.identityserver.com/articles/adminui-300 Tue, 21 Apr 2020 00:00:00 GMT https://www.identityserver.com/articles/adminui-300 Kieran Odinius 2333cfd8-b95a-4686-8e56-d1bdd4b0245c Rock Solid Knowledge is pleased to announce that their FIDO2 for ASP.NET component has now achieved FIDO2 certification from the FIDO Alliance. FIDO2 certification means that the FIDO Alliance has certified that our component complies with the FIDO specifications and meets specific security profiles. https://www.identityserver.com/articles/announcing-the-first-fido2-certified-component-for-aspnet-core Tue, 07 Apr 2020 00:00:00 GMT https://www.identityserver.com/articles/announcing-the-first-fido2-certified-component-for-aspnet-core Scott Brady 0a7f776b-b5cf-4d51-bc9e-cca2c8356319 Out of the box, AdminUI doesn't support existing implementations of IdentityServer4 and ASP.NET Core Identity. Before you can run AdminUI you will need to make both code changes and schema migrations. https://www.identityserver.com/articles/migrate-your-identityserver-solution-to-use-adminui Tue, 31 Mar 2020 00:00:00 GMT https://www.identityserver.com/articles/migrate-your-identityserver-solution-to-use-adminui Alex Jones 9b3beacf-1ba0-496a-9a9d-5eb547eeefb3 Scott Brady and Dominick Baier discuss what’s coming with the latest version of IdentityServer4 v4 at NDC London. https://www.identityserver.com/articles/discover-whats-planned-for-identityserver4-v4 Wed, 25 Mar 2020 00:00:00 GMT https://www.identityserver.com/articles/discover-whats-planned-for-identityserver4-v4 Kieran Odinius fce4a04d-8863-494e-aeb4-1f60886b3ac7 AdminUI 2.6 delivers new Import and Export client configuration functionality, along with a complete UI refresh! https://www.identityserver.com/articles/adminui-260 Thu, 20 Feb 2020 00:00:00 GMT https://www.identityserver.com/articles/adminui-260 Kieran Odinius 58f8168f-a208-42fd-a4e3-3db45220d3c6 Evilginx is a tool that allows you to create phishing websites capable of stealing credentials and session cookies despite the use of common 2FA mechanisms such as TOTP and push notifications. The only way to truly protect your users from this kind of phishing attack is using FIDO. https://www.identityserver.com/articles/defeating-phishing-with-fido2-for-aspnet Thu, 23 Jan 2020 00:00:00 GMT https://www.identityserver.com/articles/defeating-phishing-with-fido2-for-aspnet Scott Brady b0ffd345-9630-45b4-845c-aa20088976ad We are proud to announce our third major update for AdminUI of 2019. It delivers a brand new Role User Management feature, alongside improved accessibility and bug fixes. https://www.identityserver.com/articles/adminui-25 Mon, 07 Oct 2019 00:00:00 GMT https://www.identityserver.com/articles/adminui-25 Kieran Odinius 7115daf2-b4df-4962-83d2-bbc06b730782 Microsoft released ASP.NET Core 3.0 a few weeks ago, which means breaking changes for everyone! However, you will be pleased to know that there are no breaking changes for the IdentityServer4 commercial components. Our products are now multi-targeting .NET Standard 2.0 and .NET Core 3.0, using a single codebase. https://www.identityserver.com/articles/identityserver4-components-for-aspnet-core-30 Mon, 07 Oct 2019 00:00:00 GMT https://www.identityserver.com/articles/identityserver4-components-for-aspnet-core-30 Scott Brady 2dcf0060-45a8-4e44-8728-3cee50a97836 FIDO2 offers a replacement for passwords in the form of frictionless, possession-based authentication. Thanks to our newest component, FIDO2 for ASP.NET Core, this is now something Rock Solid Knowledge can help you with. https://www.identityserver.com/articles/fido2-for-aspnet-core-solving-the-password-problem Tue, 10 Sep 2019 00:00:00 GMT https://www.identityserver.com/articles/fido2-for-aspnet-core-solving-the-password-problem Scott Brady bfbc5361-ca87-48c1-a661-e33b25485335 For over 30 years, we have used single passwords to verify identity, and we have known that they are vulnerable to a variety of attacks. Two-Factor authentication has been applied to strengthen the mechanism, but they often increase friction for the user, and can still be vulnerable to phishing attacks. The solution: FIDO2. https://www.identityserver.com/articles/2fa-all-the-way Tue, 10 Sep 2019 00:00:00 GMT https://www.identityserver.com/articles/2fa-all-the-way Andrew Clymer 1b673fa4-7d63-4453-ac6e-9117d00329b4 If you wish to use Integrated Security here is what you need to know. https://www.identityserver.com/articles/adminui-connecting-to-sql-server-using-integrated-security Tue, 30 Jul 2019 00:00:00 GMT https://www.identityserver.com/articles/adminui-connecting-to-sql-server-using-integrated-security Christopher Myhill b770900d-eee1-46fd-94e4-621c87c2ca8e AdminUI 2.4 includes 3 new client wizards, a new installer, inbuilt documentation and much more. https://www.identityserver.com/articles/adminui-240 Thu, 11 Jul 2019 00:00:00 GMT https://www.identityserver.com/articles/adminui-240 Kieran Odinius a400631e-0af1-4997-a6d3-330c551d96d8 One issue we hear a lot from our customers is the inability to add and configure external identity providers during runtime. To solve this, Rock Solid Knowledge have developed a new component for ASP.NET Core called Dynamic Authentication Providers. https://www.identityserver.com/articles/dynamic-authentication-providers Mon, 08 Jul 2019 00:00:00 GMT https://www.identityserver.com/articles/dynamic-authentication-providers Scott Brady 07a8b845-b84d-4463-be65-3c986c6cd805 When using SAML, we have two methods for starting Single Sign-On (SSO): SP-initiated or IdP-initiated. Both have their use cases, but one is more secure than the other. No points for guessing from the title. https://www.identityserver.com/articles/the-dangers-of-saml-idp-initiated-sso Thu, 06 Jun 2019 00:00:00 GMT https://www.identityserver.com/articles/the-dangers-of-saml-idp-initiated-sso Scott Brady efdc57a7-4445-4759-8df8-93cfde57147a Rock Solid Knowledge is pleased to announce version 2.4 of the IdentityServer4 SAML component. This release includes new features for both SAML Service Providers and Identity Providers, based on user feedback and sponsored development. https://www.identityserver.com/articles/saml-24-release-notes Thu, 06 Jun 2019 00:00:00 GMT https://www.identityserver.com/articles/saml-24-release-notes Scott Brady bcfe6b0a-d0d8-48b9-884c-4d3f45fd30e0 Having trouble convincing your colleagues that using the password grant type is a terrible idea? Is the allure of owning the login UI too strong for your design team? Then check out our fact sheet below for quick and easy facts about why you should never use the Resource Owner Password Credentials flow with public clients such as mobile applications. https://www.identityserver.com/articles/fact-sheet-the-dangers-of-using-the-password-grant-type-with-mobile-applications Fri, 22 Mar 2019 00:00:00 GMT https://www.identityserver.com/articles/fact-sheet-the-dangers-of-using-the-password-grant-type-with-mobile-applications Scott Brady 0264d9ef-248e-4de6-a433-d78ab26ca48e Recently, due to a renewed discussion in the OAuth Working Group, the recommended approach for securing browser-based applications (such as JavaScript SPAs) has changed https://www.identityserver.com/articles/change-in-recommendations-for-browser-based-applications Fri, 15 Feb 2019 00:00:00 GMT https://www.identityserver.com/articles/change-in-recommendations-for-browser-based-applications Scott Brady 90802dd5-fb21-48aa-b0d5-b9961bd91118 Today we are pleased to announce the release of the AdminUI Event Sink for IdentityServer... https://www.identityserver.com/articles/adminui-audit-event-sink Thu, 07 Feb 2019 00:00:00 GMT https://www.identityserver.com/articles/adminui-audit-event-sink Christopher Myhill b525714b-29ec-4d75-8d11-def30d801c0c We are pleased to announce the release of AdminUI 2.3 compatible with IdentityServer4 2.x, featuring Auditing and DeviceFlow support... https://www.identityserver.com/articles/adminui-23-release-notes Tue, 15 Jan 2019 00:00:00 GMT https://www.identityserver.com/articles/adminui-23-release-notes Kieran Odinius 277232aa-2780-43ac-ae76-284f8603cbdb We are pleased to announce the full release of .NET Core support for the IdentityServer4 SAML and WS-Federation components... https://www.identityserver.com/articles/saml-ws-federation-22-23-released Tue, 15 Jan 2019 00:00:00 GMT https://www.identityserver.com/articles/saml-ws-federation-22-23-released Scott Brady 03c4864c-1a4f-4dae-8474-d9f5c99921ff We are pleased to announce the open BETA of the IdentityServer4 WS-Fed component, allowing IdentityServer to act as an Identity Provider (IdP) using WS-Fed... https://www.identityserver.com/articles/announcing-ws-federation-support-for-identityserver4-and-net-core Sat, 22 Dec 2018 00:00:00 GMT https://www.identityserver.com/articles/announcing-ws-federation-support-for-identityserver4-and-net-core Scott Brady c0d972e7-0a70-4224-9442-07c8c4c74555 AdminUI offers a couple of webhooks enabling it to tightly integrate with your own custom user onboard or password reset journies... https://www.identityserver.com/articles/extending-adminui-with-newuser-and-passwordreset-webhooks Fri, 26 Oct 2018 00:00:00 GMT https://www.identityserver.com/articles/extending-adminui-with-newuser-and-passwordreset-webhooks Jo Stevens a2eca445-1660-45e9-8acc-dceb4b246c77 In response to customer feedback, we are pleased to announce that there is now multi-level administration in AdminUI 2.2... https://www.identityserver.com/articles/adminuis-new-access-policy Thu, 11 Oct 2018 00:00:00 GMT https://www.identityserver.com/articles/adminuis-new-access-policy Joe Harvey 178d49c9-3663-47d0-91aa-1b36c8c72c99 There have been bold claims of killing passwords off for years. Recently there's been a lot of buzz about a potentially viable solution: FIDO2... https://www.identityserver.com/articles/fido2-the-end-of-passwords-is-near Thu, 27 Sep 2018 00:00:00 GMT https://www.identityserver.com/articles/fido2-the-end-of-passwords-is-near Scott Brady 90f8c140-4adf-47fd-ba15-aab6edb12bfb We are pleased to announce the release of AdminUI 2.2. We've added support for new languages, redesigned the landing page, and addressed a number of bugs... https://www.identityserver.com/articles/adminui-22-release-notes Tue, 11 Sep 2018 00:00:00 GMT https://www.identityserver.com/articles/adminui-22-release-notes Kieran Odinius 7312feda-d835-4269-aabe-44b9f076492e AdminUI uses a custom ASP.NET Core Identity schema that extends the default user entities, allowing existing IdentityServer solutions to continue using these entities... https://www.identityserver.com/articles/extending-the-adminui-schema Wed, 22 Aug 2018 00:00:00 GMT https://www.identityserver.com/articles/extending-the-adminui-schema Scott Brady 56d3ffe8-f22c-47f5-8d0c-1a0199ea87c4 Security Assertion Markup Language (SAML) is used to communicate authentication data between two parties. Implementing IdentityServer4 in the world of OpenID Connect? You could call it a "legacy" protocol... https://www.identityserver.com/articles/saml-20-integration-with-identityserver4 Thu, 16 Aug 2018 00:00:00 GMT https://www.identityserver.com/articles/saml-20-integration-with-identityserver4 Scott Brady c07ddf81-5621-4fc1-bed0-5472744abd48 We are pleased to announce the first preview release of the IdentityServer4.Saml built using .NET Standard 2.0... https://www.identityserver.com/articles/announcing-net-core-support-for-the-identityserver4-saml-component Thu, 09 Aug 2018 00:00:00 GMT https://www.identityserver.com/articles/announcing-net-core-support-for-the-identityserver4-saml-component Scott Brady a38d3ece-e98b-4153-bbad-25643c674edd Recently one of our customers came to us with a problem; their email campaign links all required an authenticated user, and as a result, a significant portion of users abandoned the campaign... https://www.identityserver.com/articles/increasing-click-through-rates-with-identityserver4-passwordless-authentication Mon, 16 Jul 2018 00:00:00 GMT https://www.identityserver.com/articles/increasing-click-through-rates-with-identityserver4-passwordless-authentication Scott Brady fc4ab91a-2eb1-404f-a96e-10b04aaad1a9 We are pleased to announce the BETA release of IdentityManager2, the newest version of the IdentityManager project, ported to ASP.NET Core with example support for ASP.NET Core Identity... https://www.identityserver.com/articles/announcing-identitymanager2 Mon, 09 Jul 2018 00:00:00 GMT https://www.identityserver.com/articles/announcing-identitymanager2 Scott Brady bdb87cb0-450b-46ab-94d0-5885b93f47c8 An update to address some bugs found in the software by the community. Thank you for bringing these problems to our attention and look forward to bringing more high-quality updates to you in the future... https://www.identityserver.com/articles/adminui-212-release-notes Wed, 23 May 2018 00:00:00 GMT https://www.identityserver.com/articles/adminui-212-release-notes Kieran Odinius 17cf256c-e78a-430b-a395-0894ba45d869 One of the few legitimate uses for the Resource Owner Password Credentials grant type is for browserless devices (smart TVs or Internet of Things etc). To address the issue of such devices, the OAuth working group are in the stages of finalizing a new spec... https://www.identityserver.com/articles/an-introduction-to-the-oauth-device-flow Tue, 27 Mar 2018 00:00:00 GMT https://www.identityserver.com/articles/an-introduction-to-the-oauth-device-flow Scott Brady 6d909488-5ae4-4ec1-91c1-e60086d849bd We are pleased to announce the release of AdminUI 2.1, with new features focused on internationalization, usability, and accessibility. This includes bug fixes and UX improvements... https://www.identityserver.com/articles/adminui-21-released Tue, 20 Mar 2018 00:00:00 GMT https://www.identityserver.com/articles/adminui-21-released Scott Brady d0063b7e-a546-4c19-9e1f-47662468f830