Identity server concept
According to Microsoft's definition, IdentityServer is an authentication server that implements the OpenID Connect (OIDC) and OAuth 2.0 frameworks for ASP.NET Core. It is an open source framework that provides a common approach to authenticating users when they use clients to access data. This single entity can therefore be used to protect both clients and API resources. Put simply, when a user needs to access data, the client requests an access token, which acts as the permission that allows access to the API responses.
The picture above can be used to explain the process in detail.
1. To access the resources, users first have to use the clients, which are the applications that call the identity server.
2. The clients then request tokens from the identity server, either to authenticate the users via identity tokens (which contain all the identity data of the users) or to grant access to the resources via access tokens (which contain all the information about the client and the user).
3. Once the client has received the token, it calls the API in the resources, passing the token.
4. The resources then send a request to the identity server to validate the token.
5. Once they receive the token validation results, the API returns the data to the clients.
6. Finally, users have access to the resource data through the clients.
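Steps 2 to 5 can be modelled in a few lines. The following is an added example, not code from the article or from IdentityServer itself: an in-memory Python simulation in which the class names, client IDs, secrets and the scope name `api1` are all assumptions made for illustration. It shows the API rejecting forged, expired and wrongly scoped tokens based on the identity server's validation result.

```python
import secrets, time

class IdentityServer:
    """Toy stand-in for the token service (hypothetical, not IdentityServer's API)."""
    def __init__(self, clients):
        self._clients = clients      # client_id -> (secret, allowed scopes)
        self._tokens = {}            # opaque token -> claims

    def issue_token(self, client_id, client_secret, scope, lifetime=3600, now=None):
        # Step 2: the client authenticates itself and requests an access token.
        secret, allowed = self._clients.get(client_id, (None, set()))
        if secret is None or not secrets.compare_digest(secret, client_secret):
            raise PermissionError("invalid_client")
        if scope not in allowed:
            raise PermissionError("invalid_scope")
        now = time.time() if now is None else now
        token = secrets.token_urlsafe(32)
        self._tokens[token] = {"client_id": client_id, "scope": scope, "exp": now + lifetime}
        return token

    def introspect(self, token, now=None):
        # Step 4: the resource asks the identity server to validate the token.
        now = time.time() if now is None else now
        claims = self._tokens.get(token)
        if claims is None or claims["exp"] <= now:
            return {"active": False}
        return {"active": True, **claims}

class Api:
    """Protected resource that trusts only the identity server's answer."""
    def __init__(self, idp, required_scope):
        self._idp, self._scope = idp, required_scope

    def get_data(self, authorization_header, now=None):
        # Step 3 arrives here; the returned (status, body) pair is step 5.
        scheme, _, token = authorization_header.partition(" ")
        if scheme != "Bearer" or not token:
            return 401, "missing bearer token"
        result = self._idp.introspect(token, now)
        if not result["active"]:
            return 401, "invalid or expired token"
        if result["scope"] != self._scope:
            return 403, "insufficient scope"
        return 200, {"data": "protected", "client": result["client_id"]}

def demo():
    # Constructed sample client and secret, for illustration only.
    idp = IdentityServer({"web": ("s3cret", {"api1"})})
    token = idp.issue_token("web", "s3cret", "api1")
    return Api(idp, "api1").get_data(f"Bearer {token}")
```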
Benefits and features of IdentityServer
By using IdentityServer, we can avoid duplicating fundamental security functionality across the application and its endpoints. It can also be used as a centralized authentication server for multiple applications, capable of managing and authenticating clients and users, issuing identity and access tokens to clients, and validating those tokens. Moreover, it provides session management, a single sign-on option, and a gateway to third-party identity providers like Facebook, Google, etc. Finally, it is an open source framework, so we can implement all of the above-mentioned features without being charged.
After getting familiar with the IdentityServer concept and its features, in the next chapter we will discuss how to set up and configure IdentityServer4 with the fundamentals.
Thanks for reading!