Articles

IdentityServer has reached such a level of adoption that building and maintaining it has become a considerable effort. The creators, Dominick and Brock, have decided that this is no longer tenable with free/sponsored development. Therefore, they have announced the next version of IdentityServer (Duende IdentityServer) will require a paid for license for commercial use.

AdminUI 4.0 now supports IdentityServer v4, changes to API resources and scopes, and additional ways to download and run AdminUI.

Managing user identities across cloud-based architectures can be difficult. By using the SCIM standards we can make this task simpler and more cost effective. This article will cover what SCIM is, why we use SCIM and give you a chance to preview the new SCIM for ASP.NET component from Rock Solid Knowledge.

SAML support for IdentityServer4 v4 is now available. Over the past few months, we have been building new features in our SAML IdP & SP component, culminating in 6 minor releases and 2 major releases.

AdminUI 3.1 includes: clone client, two new client secret types, no more tokens in the browser, a new installer, redesigned client settings and more.

Looking to get started with FIDO2 for ASP.NET and WebAuthn? Rock Solid Knowledge has released 4 new online tutorials to help you implement our “FIDO2 for ASP.NET” component.

With the release of IdentityServer4 v4 comes new features, and with those features come model changes. To account for the model changes, your database needs to be updated.

Physical biometrics, such as fingerprint or facial recognition, are super useful when logging into mobile apps. It allows the user to prove their presence without having to manage a password or go through a Multi-factor Authentication (MFA) process. So why can't you use biometrics in the browser?

Guided walkthrough on how you can use AdminUI to only manage your IdentityServer configuration.

Confirmation of identity is central to all security decisions. A whole host of decisions are made based on a user proving who they are. Failing to successfully prove identity means the entire authorization system comes crashing down.

Learn how to create a self-service portal for user claims

SAML single sign-on (SSO) allows the end-user to securely authenticate across multiple applications by logging in once using one set of credentials. However, authentication is only the first half of the story.

Companies with multiple systems that each require users to login and manage different accounts have an increased cost of ownership. Single sign-on solutions provide a reduced cost of ownership. There are many out there but which one is best for you?

IdentityServer provides access tokens for clients to access protected resources and identity tokens for describing user authentication. Find out how the KeyManagement component automatically rotates keys for you

We are happy to announce that AdminUI 3.0.0 now runs on ASP.NET Core 3.1. Alongside the migration we have added a new client wizard to support Proof-key for Code Exchange (PKCE) for Web apps.

Rock Solid Knowledge is pleased to announce that their FIDO2 for ASP.NET component has now achieved FIDO2 certification from the FIDO Alliance. FIDO2 certification means that the FIDO Alliance has certified that our component complies with the FIDO specifications and meets specific security profiles.

Out of the box, AdminUI doesn't support existing implementations of IdentityServer4 and ASP.NET Core Identity. Before you can run AdminUI you will need to make both code changes and schema migrations.

Scott Brady and Dominick Baier discuss what’s coming with the latest version of IdentityServer4 v4 at NDC London.

AdminUI 2.6 delivers new Import and Export client configuration functionality, along with a complete UI refresh!

Evilginx is a tool that allows you to create phishing websites capable of stealing credentials and session cookies despite the use of common 2FA mechanisms such as TOTP and push notifications. The only way to truly protect your users from this kind of phishing attack is using FIDO.

Microsoft released ASP.NET Core 3.0 a few weeks ago, which means breaking changes for everyone! However, you will be pleased to know that there are no breaking changes for the IdentityServer4 commercial components. Our products are now multi-targeting .NET Standard 2.0 and .NET Core 3.0, using a single codebase.

We are proud to announce our third major update for AdminUI of 2019. It delivers a brand new Role User Management feature, alongside improved accessibility and bug fixes.

For over 30 years, we have used single passwords to verify identity, and we have known that they are vulnerable to a variety of attacks. Two-Factor authentication has been applied to strengthen the mechanism, but they often increase friction for the user, and can still be vulnerable to phishing attacks. The solution: FIDO2.

FIDO2 offers a replacement for passwords in the form of frictionless, possession-based authentication. Thanks to our newest component, FIDO2 for ASP.NET Core, this is now something Rock Solid Knowledge can help you with.