OpenID

How to make authenticated requests to an ASP.NET Core web API using IdentityServer4 with Client Credentials.

This is a guide on how to make requests to a protected resource using Client Credentials with the IdentityServer4.Contrib.HttpClientService nuget package. The library is actually an HttpClient service that makes it easy to make authenticated and resilient HTTP requests to protected by IdentityServer4 resources. Additionally, more features include automatic complex type serialization for requests / deserialization for responds (using Json.NET), caching of the token response to reduce load and an HttpRequestMessage factory that adds an “X-HttpClientService” header for logging/tracking between cascading API calls.

Read More »How to make authenticated requests to an ASP.NET Core web API using IdentityServer4 with Client Credentials.

IdentityServer4, ASP.NET Core API and a client with username/password

This is an end-to-end guide on how to quickly setup IdentityServer4, use it in your ASP.NET Core API for authentication, and finally login to your API from a client by asking a user for her/his username and password. It is divided in three parts that describe respectively the configuration of each one of the following three systems:

  • IdentityServer4
    Contains instructions on how to setup and configure a token service based on IdentityServer4, that follows the quick-start guides, keeping only the absolutely minimum requirements for this tutorial
  • ASP.NET Core API
    An API configured to use IdentityServer4 as a middleware that adds the spec compliant OpenID Connect and OAuth 2.0 endpoints
  • Client (API Consumer)
    For this post, just a Console Application that consumes a protected resource from the API

Make authenticated requests to IdentityServer4 protected resources, using the IdentityServer4.Contrib.HttpClientService nuget package. It’s open source on github, just follow these Getting Started instructions or take a look at at sample!

Read More »IdentityServer4, ASP.NET Core API and a client with username/password