See Identity Server.
I’ve (and others in my team) have worked on a project using Identity Server 4 since early 2017.
The main reason why we started to consider it was due to the main business goals:
We noticed that asp.net identity together with Identity Server satisfies a lot of the specific business requirements.
We got something working quite fast that satisfied the requirements. We had an login, authentication and OAuth solution within days.
Our first stumbling block was that there was a need for a JSON API to use with a back-office GUI that needed to be able to display accounts. Part of the trouble was that we needed mixed authentication: JWT and cookies. That turned out to be somewhat difficult with asp.net core mvc 1, but we eventually solved it. In asp.net core mvc 2 this has become much easier to configure.
Our next stumbling block was that there was a requirement that we could have a sign in flow from the single page application without disrupting the shopping experience. That requirement turned out to be more difficult to satisfy than the other requirements. In order to satisfy that we needed to dive deep into Identity Server in order to bend the opinions of Identity Server to the requirements.
The assumption that we didn’t need senior developers was faulty. Once we deviated from the assumptions made by Identity Server, we had to involve senior developers in order to implement the business requirements using a mix of OAUTH and other protocols.
Do you want to send a comment or give me a hint about any issues with a blog post: Open up an issue on GitHub.
Do you want to fix an error or add a comment published on the blog? You can do a fork of this post and do a pull request on github.