Articles

06 Jun 2019
The Dangers of SAML IdP-Initiated SSO

When using SAML, we have two methods for starting Single Sign-On (SSO): SP-initiated or IdP-initiated. Both have their use cases, but one is more secure than the other. No points for guessing from the title.

Scott Brady

Job Role

Security Consultant

The Dangers of SAML IdP-Initiated SSO
06 Jun 2019
SAML 2.4 Release Notes

Rock Solid Knowledge is pleased to announce version 2.4 of the IdentityServer4 SAML component. This release includes new features for both SAML Service Providers and Identity Providers, based on user feedback and sponsored development.

Scott Brady

Job Role

Security Consultant

SAML 2.4 Release Notes
22 Mar 2019
Fact Sheet: The Dangers of Using the Password Grant Type with Mobile Applications

Having trouble convincing your colleagues that using the password grant type is a terrible idea? Is the allure of owning the login UI too strong for your design team? Then check out our fact sheet below for quick and easy facts about why you should never use the Resource Owner Password Credentials flow with public clients such as mobile applications.

Scott Brady

Job Role

Security Consultant

Fact Sheet: The Dangers of Using the Password Grant Type with Mobile Applications
15 Feb 2019
Change in Recommendations for Browser-Based Applications

Recently, due to a renewed discussion in the OAuth Working Group, the recommended approach for securing browser-based applications (such as JavaScript SPAs) has changed

Scott Brady

Job Role

Security Consultant

Change in Recommendations for Browser-Based Applications
07 Feb 2019
AdminUI Audit Event Sink

Today we are pleased to announce the release of the AdminUI Event Sink for IdentityServer...

Christopher Myhill

Job Role

Software Developer

AdminUI Audit Event Sink
15 Jan 2019
AdminUI 2.3 Release Notes

We are pleased to announce the release of AdminUI 2.3 compatible with IdentityServer4 2.x, featuring Auditing and DeviceFlow support...

Kieran Odinius

Job Role

Business Development

AdminUI 2.3 Release Notes
15 Jan 2019
SAML & WS-Federation 2.2 & 2.3 Released

We are pleased to announce the full release of .NET Core support for the IdentityServer4 SAML and WS-Federation components...

Scott Brady

Job Role

Security Consultant

SAML & WS-Federation 2.2 & 2.3 Released
22 Dec 2018
Announcing WS-Federation Support for IdentityServer4 and .NET Core

We are pleased to announce the open BETA of the IdentityServer4 WS-Fed component, allowing IdentityServer to act as an Identity Provider (IdP) using WS-Fed...

Scott Brady

Job Role

Security Consultant

Announcing WS-Federation Support for IdentityServer4 and .NET Core
26 Oct 2018
Extending AdminUI with NewUser and PasswordReset WebHooks

AdminUI offers a couple of webhooks enabling it to tightly integrate with your own custom user onboard or password reset journies...

Jo Stevens

Job Role

Software Developer

Extending AdminUI with NewUser and PasswordReset WebHooks
11 Oct 2018
AdminUI's New Access Policy

In response to customer feedback, we are pleased to announce that there is now multi-level administration in AdminUI 2.2...

Joe Harvey

Job Role

Software Developer

AdminUI's New Access Policy
27 Sept 2018
FIDO2: The End of Passwords is Near

There have been bold claims of killing passwords off for years. Recently there's been a lot of buzz about a potentially viable solution: FIDO2...

Scott Brady

Job Role

Security Consultant

FIDO2: The End of Passwords is Near
11 Sept 2018
AdminUI 2.2 Release Notes

We are pleased to announce the release of AdminUI 2.2. We've added support for new languages, redesigned the landing page, and addressed a number of bugs...

Kieran Odinius

Job Role

Business Development

AdminUI 2.2 Release Notes
22 Aug 2018
Extending the AdminUI Schema

AdminUI uses a custom ASP.NET Core Identity schema that extends the default user entities, allowing existing IdentityServer solutions to continue using these entities...

Scott Brady

Job Role

Security Consultant

Extending the AdminUI Schema
16 Aug 2018
SAML 2.0 Integration with IdentityServer4

Security Assertion Markup Language (SAML) is used to communicate authentication data between two parties. Implementing IdentityServer4 in the world of OpenID Connect? You could call it a "legacy" protocol...

Scott Brady

Job Role

Security Consultant

SAML 2.0 Integration with IdentityServer4
09 Aug 2018
Announcing .NET Core Support for the IdentityServer4 SAML Component

We are pleased to announce the first preview release of the IdentityServer4.Saml built using .NET Standard 2.0...

Scott Brady

Job Role

Security Consultant

Announcing .NET Core Support for the IdentityServer4 SAML Component
16 Jul 2018
Increasing Click Through Rates with IdentityServer4 Passwordless Authentication

Recently one of our customers came to us with a problem; their email campaign links all required an authenticated user, and as a result, a significant portion of users abandoned the campaign...

Scott Brady

Job Role

Security Consultant

Increasing Click Through Rates with IdentityServer4 Passwordless Authentication
09 Jul 2018
Announcing IdentityManager2

We are pleased to announce the BETA release of IdentityManager2, the newest version of the IdentityManager project, ported to ASP.NET Core with example support for ASP.NET Core Identity...

Scott Brady

Job Role

Security Consultant

Announcing IdentityManager2
23 May 2018
AdminUI 2.1.2 Release Notes

An update to address some bugs found in the software by the community. Thank you for bringing these problems to our attention and look forward to bringing more high-quality updates to you in the future...

Kieran Odinius

Job Role

Business Development

AdminUI 2.1.2 Release Notes
27 Mar 2018
An Introduction to the OAuth Device Flow

One of the few legitimate uses for the Resource Owner Password Credentials grant type is for browserless devices (smart TVs or Internet of Things etc). To address the issue of such devices, the OAuth working group are in the stages of finalizing a new spec...

Scott Brady

Job Role

Security Consultant

An Introduction to the OAuth Device Flow
20 Mar 2018
AdminUI 2.1 Released

We are pleased to announce the release of AdminUI 2.1, with new features focused on internationalization, usability, and accessibility. This includes bug fixes and UX improvements...

Scott Brady

Job Role

Security Consultant

AdminUI 2.1 Released