Articles

05 May 2025
Enforcer 5.0 Is Here: Smarter Authorization, Now AuthZen-Ready

Patrick Allwood

Enforcer 5.0 Is Here: Smarter Authorization, Now AuthZen-Ready
27 Mar 2025
Inclusive, Secure, and Verified: The Future of Digital Identity Verification

Andrew Clymer

Job Role

Head of Identity and Access Management

Inclusive, Secure, and Verified: The Future of Digital Identity Verification
11 Mar 2025
Why Passkeys are the Future of Accessible Authentication

Sean Farrow

Job Role

Software Engineer

Why Passkeys are the Future of Accessible Authentication
15 Oct 2024
SCIM Cursor Pagination

Implementation of the draft-ietf-scim-cursor-pagination-05

Andrew Clymer

Job Role

Head of Identity and Access Management

SCIM Cursor Pagination
14 Oct 2024
FIPS and FIDO2/Passkeys

V4.0 of our FIDO2/Passkey component uses a FIPS 140-3 certified cryptographic module.

Andrew Clymer

Job Role

Head of Identity and Access Management

FIPS and FIDO2/Passkeys
28 Apr 2024
Moving your AdminUI All-in-one Template into Production

Moving your local Single-Sign-On (SSO) solution onto production can be scary, but with this essential configuration, you will be on the right track.

Nacho Escrig

Job Role

Software Developer

Moving your AdminUI All-in-one Template into Production
15 Jan 2024
Mitigate Phishing Attacks

What is a Phishing attack? What can organizations do to prevent phishing attacks? How does EvilJinx and FIDO come into play?

Kevin Jones

Job Role

Consultant

Mitigate Phishing Attacks
23 Nov 2023
Don't Use Claims for Authorization

When discussing security, we often divide it into two parts: authentication and authorization. So, what's the difference between the two? When should I be using a claim, and why shouldn't i use it to drive policy?

Kevin Jones

Job Role

Consultant

Don't Use Claims for Authorization
25 Sept 2023
Writing Authorization Policy Just Got Easier

Enforcer 3.0 makes it even easier to develop and maintain authorization policy written in ALFA. The 3.0 release enhances the IDE experience, providing tools such as rename, goto definition and find all references

Andrew Clymer

Job Role

Head of Identity and Access Management

Writing Authorization Policy Just Got Easier
28 Aug 2023
Quick Start Duende IdentityServer SSO with Management Console

Do you want to create a Single Sign-On (SSO) solution based on Duende IdentityServer? Do you want a management UI for managing users and IdentityServer configuration? Then look no further; our Duende IdentityServer & AdminUI code template will have you up and running in less than 15 minutes.

Nacho Escrig

Job Role

Software Developer

Quick Start Duende IdentityServer SSO with Management Console
22 Aug 2023
Is SMS a Sensible Choice for Password Reset?

At first glance SMS sounds like a reasonable technology for password reset. However, it's far from it.

Andrew Clymer

Job Role

Head of Identity and Access Management

Is SMS a Sensible Choice for Password Reset?
27 Jun 2023
The Dangers of Considering Email as Two-Factor Authentication

It is important to consider the potential risks associated with using email as a form of two-factor authentication. It may be worth exploring alternative options that offer increased security.

Paul Brummitt

Job Role

Software Developer

The Dangers of Considering Email as Two-Factor Authentication
02 May 2023
Using Dynamic Authentication Providers feature in Duende IdentityServer with AdminUI

Discover the Dynamic Authentication Providers feature for AdminUI, including its functionality and a video demonstration.

Kieran Odinius

Job Role

Business Development

Using Dynamic Authentication Providers feature in Duende IdentityServer with AdminUI
28 Feb 2023
AdminUI as a Framework

Since its inception, AdminUI has been an application requiring no development effort to get it running. However, it is not as flexible as some of our customers require. So let's fix that!

Andrew Clymer

Job Role

Head of Identity and Access Management

AdminUI as a Framework
22 Feb 2023
We Are Officially B Corp Certified!

As of January 2023, Rock Solid Knowledge is proud to announce that we are a Certified B -Corporation™. B Corp questions assess every aspect of your organisation - from the environment to governance to how we treat our workers and customers.

Kieran Odinius

Job Role

Business Development

We Are Officially B Corp Certified!
16 Nov 2022
Implementing CIBA in Duende IdentityServer

Client-Initiated Backchannel Authentication (CIBA) is a new OpenID Connect specification that describes decoupled authentication flows. This article describes how to implement a CIBA flow inside Duende IdentityServer.

Ben Archer

Job Role

Software Developer

Implementing CIBA in Duende IdentityServer
04 Nov 2022
IdentityServer4 End-of-life (EOL) - What Next?

IdentityServer4 will no longer be supported from 13th December 2022. We outline our product-specific support and migration steps to Duende IdentityServer

Kieran Odinius

Job Role

Business Development

IdentityServer4 End-of-life (EOL) - What Next?
11 Oct 2022
WS-Federation Integration with Duende IdentityServer

Are you looking to support WS-Federation clients into your IdentityServer? If so, this tutorial will help you implement a cross-protocol SSO.

Sundas Choudry

Job Role

Software Developer

WS-Federation Integration with Duende IdentityServer
21 Sept 2022
AdminUI 6.3 Release Notes

AdminUI now supports custom identity implementations for users with their own identity schemas or extensions of the ASP.NET Identity schema.

Sam Brinsden

Job Role

Software Developer

AdminUI 6.3 Release Notes
18 Aug 2022
What is Risk Based Authentication

Creating a secure login experience that defends against password stuffing and spraying can lead to an unpleasant user experience. Using Risk-Based Authentication allows you to adapt the login experience based on the current threat level, resulting in a secure and, more often than not, pleasant user experience.

Andrew Clymer

Job Role

Head of Identity and Access Management

What is Risk Based Authentication
15 Aug 2022
Efficient Cleaning Up of the Persisted Grant Table

IdentityServer uses a persisted grants table to store reference and refresh tokens. Clean-up code needs to be run periodically to remove expired tokens. The built-in functionality works for small/medium usage, but alternative approaches should be considered for high usage. This article outlines an alternative approach using a SQL stored procedure.

Andrew Clymer

Job Role

Head of Identity and Access Management

Efficient Cleaning Up of the Persisted Grant Table
29 Jul 2022
SAML 2.0 Integration with Duende IdentityServer

Are you looking to support SAML clients or external SAML identity providers in your IdentityServer? If so, this tutorial will help you implement a cross-protocol SSO.

Sundas Choudry

Job Role

Software Developer

SAML 2.0 Integration with Duende IdentityServer
04 Apr 2022
Announcing New AdminUI licensing

To align AdminUI and Duende IdentityServer licensing, newly purchased copies of AdminUI come with a lower cost annual license

Kieran Odinius

Job Role

Business Development

Announcing New AdminUI licensing
08 Mar 2022
Open Banking for OAuth Developers

This article will build upon your existing OAuth knowledge to learn about Open Banking’s architecture, its new acronyms, and what implementation is the best fit for you.

Scott Brady

Job Role

Security Consultant

Open Banking for OAuth Developers