Articles

Scott Brady and Dominick Baier discuss what’s coming with the latest version of IdentityServer4 v4 at NDC London.

AdminUI 2.6 delivers new Import and Export client configuration functionality, along with a complete UI refresh!

Evilginx is a tool that allows you to create phishing websites capable of stealing credentials and session cookies despite the use of common 2FA mechanisms such as TOTP and push notifications. The only way to truly protect your users from this kind of phishing attack is using FIDO.

Microsoft released ASP.NET Core 3.0 a few weeks ago, which means breaking changes for everyone! However, you will be pleased to know that there are no breaking changes for the IdentityServer4 commercial components. Our products are now multi-targeting .NET Standard 2.0 and .NET Core 3.0, using a single codebase.

We are proud to announce our third major update for AdminUI of 2019. It delivers a brand new Role User Management feature, alongside improved accessibility and bug fixes.

For over 30 years, we have used single passwords to verify identity, and we have known that they are vulnerable to a variety of attacks. Two-Factor authentication has been applied to strengthen the mechanism, but they often increase friction for the user, and can still be vulnerable to phishing attacks. The solution: FIDO2.

FIDO2 offers a replacement for passwords in the form of frictionless, possession-based authentication. Thanks to our newest component, FIDO2 for ASP.NET Core, this is now something Rock Solid Knowledge can help you with.

Want to use SQL Integrated Security with AdminUI, here is what you need to know.

AdminUI 2.4 includes 3 new client wizards, a new installer, inbuilt documentation and much more.

One issue we hear a lot from our customers is the inability to add and configure external identity providers during runtime. To solve this, Rock Solid Knowledge have developed a new component for ASP.NET Core called Dynamic Authentication Providers.

Rock Solid Knowledge is pleased to announce version 2.4 of the IdentityServer4 SAML component. This release includes new features for both SAML Service Providers and Identity Providers, based on user feedback and sponsored development.

When using SAML, we have two methods for starting Single Sign On (SSO): SP-initiated or IdP-initiated. Both have their use cases, but one is more secure than the other. No points for guessing from the title.

Having trouble convincing your colleagues that using the password grant type is a terrible idea? Is the allure of owning the login UI too strong for your design team? Then check out our fact sheet below for quick and easy facts about why you should never use the Resource Owner Password Credentials flow with public clients such as mobile applications.

Recently, due to a renewed discussion in the OAuth Working Group, the recommended approach for securing browser-based applications (such as JavaScript SPAs) has changed

Today we are pleased to announce the release of the AdminUI Event Sink for IdentityServer...

We are pleased to announce the full release of .NET Core support for the IdentityServer4 SAML and WS-Federation components...

We are pleased to announce the release of AdminUI 2.3 compatible with IdentityServer4 2.x, featuring Auditing and DeviceFlow support...

We are pleased to announce the open BETA of the IdentityServer4 WS-Fed component, allowing IdentityServer to act as an Identity Provider (IdP) using WS-Fed...

AdminUI offers a couple of webhooks enabling it to tightly integrate with your own custom user onboard or password reset journies...

In response to customer feedback, we are pleased to announce that there is now multi-level administration in AdminUI 2.2...

There have been bold claims of killing passwords off for years. Recently there's been a lot of buzz about a potentially viable solution: FIDO2...

We are pleased to announce the release of AdminUI 2.2. We've added support for new languages, redesigned the landing page, and addressed a number of bugs...

AdminUI uses a custom ASP.NET Core Identity schema that extends the default user entities, allowing existing IdentityServer solutions to continue using these entities...

Security Assertion Markup Language (SAML) is used to communicate authentication data between two parties. Implementing IdentityServer4 in the world of OpenID Connect? You could call it a "legacy" protocol...