What would it be an alternative for identity server 4?

Question

Identity server 4 will not longer be maintained after November 2022 so logically we want to move away from that. I was looking for alternatives but it seems there ain't much out there. We don't wanna go for Duende to avoid the license, same goes with AAD. Will rolling out own identity service for a single Kubernetes solution make sense?

Edit: Maybe the question itself was not clearly stated. I know it would be possible to roll my own "identity solution", however, I am not aware of the implications of this. I would like to know if there is any other free or open source solution we could use to make this happen. If not, how hard or difficult will it be to do it on our own? I haven't found much information regarding doing this from scratch either.

Answer 1

If you are looking for free IdentityServer(duende) alternatives, I would like to suggest this article: 3 Possible Alternatives To IdentityServer.

• OpenIddict: open-source .NET library that helps you implement a security token service (STS). Explore great OpenIddict samples in this Blazor repository (or its fork) and this repository (or its fork).
• Azure Active Directory (AAD) B2C: Microsoft’s Software-as-a-Service (SaaS) identity and access management for customer-facing apps offering.
• Keycloak: open-source Java-based identity and access management (IAM) solution.

I think the best option in your case is OpenIddict

Perhaps this article will be of interest to you as well:

.NET 6.0 - JWT Authentication with Refresh Tokens

IdentityServer Community Edition:

IdentityServer Community Edition: A free license that is feature equivalent to Enterprise Edition

You can still utilize IdentityServer at no cost for:

• For-profit companies/individuals less than 1M USD projected annual gross revenue and with access to less than 3M USD in capital facilities.
• Non-profit organization with a published annual budget less than 1M USD
• Registered charities

Kindly, be aware that the license remains valid for one year, necessitating an annual renewal.

I also recommend Authentik (on github) or Authelia (on github), depending on your needs. Personally, I use OpenIddict for software development. Authentik is great choice for my homelab, and it works flawlessly. Authentik is open-source, lightweight, and integrates well with various applications. Authelia is also great if you need more advanced multi factor authentication features.

Update august 2025:

I recently found a great open source project called Logto. You can check their repo or this fork