Articles

IdentityServer4 will no longer be supported from 13th December 2022. We outline our product-specific support and migration steps to Duende IdentityServer

Are you looking to support WS-Federation clients into your IdentityServer? If so, this tutorial will help you implement a cross-protocol SSO.

AdminUI now supports custom identity implementations for users with their own identity schemas or extensions of the ASP.NET Identity schema.

Creating a secure login experience that defends against password stuffing and spraying can lead to an unpleasant user experience. Using Risk-Based Authentication allows you to adapt the login experience based on the current threat level, resulting in a secure and, more often than not, pleasant user experience.

IdentityServer uses a persisted grants table to store reference and refresh tokens. Clean-up code needs to be run periodically to remove expired tokens. The built-in functionality works for small/medium usage, but alternative approaches should be considered for high usage. This article outlines an alternative approach using a SQL stored procedure.

Are you looking to support SAML clients or external SAML identity providers in your IdentityServer? If so, this tutorial will help you implement a cross-protocol SSO.

To align AdminUI and Duende IdentityServer licensing, newly purchased copies of AdminUI come with a lower cost annual license

This article will build upon your existing OAuth knowledge to learn about Open Banking’s architecture, its new acronyms, and what implementation is the best fit for you.

Rsk.Saml v5 includes new features, improvements and breaking changes. Such as support for .NET 6, Duende IdentityServer v6 and HTTP Artifact binding.

Duende IdentityServer (IDS) 6 was released earlier this year – our products continue to support the framework in its latest update.

SAML implementations typically exchange sensitive user data via the browser. This considerably increases the attack surface of your Single Sign-On (SSO) solution. Luckily, SAML offers an alternative mechanism called HTTP Artifact binding that allows protocol messages to be transported more securely.

If you are new to SSO, the learning curve can appear quite daunting; not only do you have to change the way your applications perform authentication, you also need to configure and deploy the single sign-on server. Our All in one solution gets you started in minutes.

AdminUI has recently been made available as a universal project, meaning we now support a Linux installation scenario rather than recommending Docker as a multiplatform approach. This article will go through the steps needed to get AdminUI up and running on Linux.

Microservices is a common architectural pattern, but how best to integrate it with Attribute Based Access Control (ABAC).

An account enumeration attack involves an attacker attempting an action, such as authentication or password reset, and looking for differences between responses to gain information on the system. Learn how to harden your SSO solution against these attacks.

SAML works really well for server-side applications, providing single sign-on across your applications. But can you use SAML with modern application types such as SPAs and mobile apps?

When will products be supporting Duende IdentityServer? Will I have to pay for my component to work with Duende IdentityServer? How can I keep up to date with product releases?

SAML support for Duende IdentityServer is now available. Over the past few months, we have been updating our SAML component to work with both IdentityServer4 and Duende IdentityServer. As a result, we have split our component into separate packages to handle SAML identity provider and service provider functionality.

Applications are designed to deliver functionality to users - this is their primary goal. However, commonly, not all users can do everything in an application: features may be sensitive, they may need a premium subscription, or someone may need to give the user explicit permission to access their data. Delivering this "limiting" of functionality is also a critical part of application design. This article explores options for controlling access to functionality and assesses their strengths and weaknesses

Looking to get started with IdentityServer and AdminUI? Rock Solid Knowledge has released four new online tutorials to help you kick start your single sign-on solution (SSO).

The increasing complexity of the digital world is making single sign-on solutions (SSOs) more popular. Understand the benefits in its personal use and across your business, how it can improve employee productivity, and their work experience.