Menu
Can somebody explain the connection between Identity and IdentityServer?
There was a recent article that says there will be a new version of IdentityServer (ie IdentityServer 4).
I'm doing a ASP.NET 5 project. I only heard of Identity 3 before and I'm planning to use it.
Can I use Identity 3 in my project without using this IdentityServer?
897
IdentityServer is an authentication server that implements OpenID Connect (OIDC) and OAuth 2.0 standards for ASP.NET Core. It's designed to provide a common way to authenticate requests to all of your applications, whether they're web, native, mobile, or API endpoints.
ASP.NET Identity is a user store/identity management library. It includes some OWIN helper classes to hook into the OWIN security middleware, but otherwise has nothing to do with authentication. IdentityServer is an OpenID Connect provider, that acts as a central authentication server for multiple applications.
Why do we need IdentityServer4? ASP.NET Identity can receive a security token from a third-party login provider like Facebook, Google, Microsoft and Twitter. But If you want to issue a security token for a local ASP.NET Identity user you need to work with a third-party library like IdentityServer4, OpenIddict.
Cookie authentication IdentityServer registers two cookie handlers (one for the authentication session and one for temporary external cookies).
Can somebody explain the connection between Identity and IdentityServer?
There's no direct connection: ASP.NET Identity is a membership provider (i.e a way to manage your users) while IdentityServer is an OAuth2/OpenID Connect server you can use to support token authentication.
That said, IdentityServer4 will eventually support ASP.NET Identity 3 as a membership store.
Can I use Identity 3 in my project without using this IdentityServer?
Sure, you can use ASP.NET Identity without IdentityServer (and vice versa).
109
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
