IdentityServer supports different OpenID Connect flows that are defined in the Flows enum and set for clients. There are also samples for each type of flow and many references to them in the docs, but I could not find a simple definition list of what the flows are in the documentation, as if they are too obvious to explain in words. But I guess they're not. Can you please tell more about the differences between these? Maybe we can add that to the docs.
So what are: implicit flow, resource owner password credential flow, authorization code flow, client credentials flow, custom grant flow, and hybrid flow? Also which ones are OAuth flows and which ones are OpenID Connect flows?
Thanks!
IdentityServer is an authentication server that implements OpenID Connect (OIDC) and OAuth 2.0 standards for ASP.NET Core. It's designed to provide a common way to authenticate requests to all of your applications, whether they're web, native, mobile, or API endpoints.
IdentityServer4 support will last until the end of life of .NET Core 3.1, that is, until November 2022. Duende provides new documentation for the fifth version of the service.
The Hybrid Flow is an OpenID Connect flow which incorporates characteristics of both the Implicit flow and the Authorization Code flow. It enables clients to obtain some tokens straight from the Authorization Endpoint, while still having the possibility to get others from the Token Endpoint.
The implicit flow is a browser-only flow. It is less secure than the Code Flow since it doesn't authenticate the client. But it is still a useful flow in web applications that need access tokens and cannot make use of a backend.
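The distinction drawn above between the code, implicit and hybrid flows comes down to the `response_type` a client sends to the Authorization Endpoint. The following is an added example, not IdentityServer code or part of the original posts; the function name `classify` and the result keys are hypothetical, and it assumes the `openid` scope was requested. It covers only the redirect-based flows, since client credentials and resource owner password requests go straight to the Token Endpoint.

```python
# Added example: classify an OIDC response_type and show where each token is delivered.
# Mapping follows OpenID Connect Core 1.0, section 3 (Authentication).
# Assumption: the request includes the "openid" scope.

KNOWN = {"code", "id_token", "token"}
# What each response_type value causes the Authorization Endpoint to return.
FRONT_CHANNEL = {"code": "code", "id_token": "id_token", "token": "access_token"}


def classify(response_type: str) -> dict:
    parts = response_type.split()
    values = set(parts)
    # Reject empty, duplicated or unknown values instead of guessing a flow.
    if not values or len(parts) != len(values) or not values <= KNOWN:
        raise ValueError(f"unsupported response_type: {response_type!r}")

    if values == {"token"}:
        # No ID token is issued, so this is plain OAuth 2.0, not OpenID Connect.
        flow = "OAuth 2.0 implicit grant"
    elif values == {"code"}:
        flow = "authorization code"
    elif "code" in values:
        flow = "hybrid"  # code plus at least one token from the front channel
    else:
        flow = "implicit"  # every token comes back through the browser

    front = sorted(FRONT_CHANNEL[v] for v in values)
    # A code is redeemed at the Token Endpoint for both tokens.
    back = ["access_token", "id_token"] if "code" in values else []
    return {
        "flow": flow,
        "authorization_endpoint": front,
        "token_endpoint": back,
        # True when the access token passes through the browser redirect,
        # which is the exposure that makes front-channel flows weaker.
        "access_token_in_browser": "token" in values,
    }


if __name__ == "__main__":
    for rt in ("code", "id_token", "id_token token", "code id_token", "code token"):
        print(f"{rt!r:18} -> {classify(rt)}")
```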
I faced the same issue; currently the work is still in progress. When I finish the documentation, I might post it here. For the time being, please check the draft:
Enrich IdentityServer Documentation with OIDC and OAuth2 Flows section #73
Update: OIDC and OAuth2 Flows