Skip to content

IdentityServer – pros and cons

Technology

Oct 31, 2019 - 2 minutes read

KBS_8042-e1564127045712
Paweł Wichary
See all Paweł's posts
Retail Report Resources

Share

TL;DR: IdentityServer is a set of services and middleware which incorporated into an ASP.NET Core app creates an authentication server. A good practice is to host this server as a separate entity. All in all, IdentityServer is a very good tool – within minutes/hours you can have a server up and running that agrees with OAuth 2.0 and OpenID Connect. You get an SSO for various apps.

IdentityServer Pros

  • OAuth 2.0 support (access tokens to resources, namely the sites where a user can allow an app to access the resources using the user’s credentials)
  • Support for all the OAuth 2.0 Flows, i.e. you can easily authorise users in apps such as:
    • websites
    • mobile apps
    • standalone apps
    • IoT devices
    • Gaming consoles like Xbox
  • OpenID Connect support (user authentication tokens)
  • Server configuration via a code (configuration as a code)
  • Smooth integration with .NET Core, plus you get to code everything using C#
  • Very useful documentation (with examples)
  • Implements many specifications
  • C# developers proficient in using OAuth 2.0 and OpenID Connect will be very effective
  • It has templates that form the basis of a code (using CLI)
  • The template code is a great base for a server that grants SSO to users in-memory (hardcode). Alternatively, you can get a user pool from a database, but you have to develop this feature
  • Perfect for situations when you have various apps that can use one authentication server
  • Easily extendable if you need to have:
    • Ability to log-in from another service
    • ‘Remind password based on XYZ’ functionality
    • Some other feature because in the end all is based on .NET Core

IdentityServer Cons

  • The server’s code template lacks:
    • user registration
    • ‘forgot password’ functionality
    • MFA
    • Google Recaptcha
Retail Report Resources
Paweł Wichary
See all Paweł's posts

Related posts

You might be also interested in

Contact

Start your project with Objectivity

CTA Pattern - Contact - Middle

We use necessary cookies for the functionality of our website, as well as optional cookies for analytic, performance and/or marketing purposes. Collecting and reporting information via optional cookies helps us improve our website and reach out to you with information regarding our organisaton or offer. To read more or decline the use of some cookies please see our Cookie Settings.