IdentityServer
IdentityServer copied to clipboard
DuendeSoftware
The most flexible and standards-compliant OpenID Connect and OAuth 2.x framework for ASP.NET Core
Please see https://github.com/DuendeSoftware/Support/issues/1409 for context and relevance.
**What issue does this PR address?** EnableBackchannelAuthenticationEndpoint options should be taken into account for allowing or blocking calls to the /connect/ciba endpoint.
Add an ICustomIntrospectionValidator, similar to other `ICustomXXXValidator`s. You might do this to enforce resource isolation during introspection (IOW, if api1 introspects a token with audience api2, you might want to...
Please see https://github.com/DuendeSoftware/Support/issues/1399
Retired signing keys will now be deleted by the key manager even if they are data protected and cannot be unprotected. Resolves #1572
**What issue does this PR address?** On call to /connect/token endpoint, Identity Server returns an HTML page due to an internal error instead of a response in JSON format. [The...
In the main host, if you comment in AddStaticSigningCredential and then make a jwks discovery request, an exception is thrown: `CryptographicException: m_safeCertContext is an invalid handle.` In the debugger, at...
The CIBA flow can be used for interacting with eid-solutions such as Mobilt BankID in Sweden or MitID in Denmark. When using those the status of an authentication request is...
**Which version of Duende IdentityServer are you using?** HelseID is using v7.0.6 **Which version of .NET are you using?** .Net 8, latest patch release **Describe the bug** The HelseID security...
Metadata
Owner
Metadata
The most flexible and standards-compliant OpenID Connect and OAuth 2.x framework for ASP.NET Core