From Zero To Duende IdentityServer in Under an Hour with Improved Templates

Khalid Abuhakmeh

At Duende, we recognize that many of our customers may have decades of .NET experience, while also being new to OAuth 2.0 and OpenID Connect. Security is a challenging domain to get started with, but it rewards those who persevere with improved security, greater interoperability, and future extensibility.

One of our goals with the release of Duende IdentityServer v7.3 is to lower the barrier for developers starting with security by improving the onboarding experience and decreasing the time between ideation and production. In fact, using our new template should get you a proof of concept identity provider in 60 minutes or less.

In this post, we’ll cover improvements to our new .NET project template and show you some of the enhancements that better help you understand and implement your very own OAuth 2.0 and OpenID Connect identity provider.

Getting Started

To access the latest templates, install the Duende.Templates NuGet package within your development environment. All the templates target .NET 8, so you’ll also need a .NET 8+ SDK installed. In a console, type the following command to install the latest version.

dotnet new install Duende.Templates

Once installed, you’ll want to create a brand new IdentityServer project with the following command.

dotnet new duende-is -o MyIdentityServer

Since the templates are now installed in your development environment, you may also use your preferred IDE to create the project.

Quick Tour

In this section, we’ll highlight some of the changes we’ve made to accelerate your understanding of Duende IdentityServer and facilitate further customizations. Remember, Duende IdentityServer is an SDK intended to provide the most flexible options when building an identity provider. Using Duende’s enhanced templates will dramatically simplify the initial setup of a fully functional identity provider. We invite you to make any necessary changes or customizations to your security solutions to help you achieve your goals.

Welcome Screen

[Screenshot: IdentityServer 7.3 Welcome Screen]

We’ve redesigned the welcome screen to provide you with quick access to some of our most essential resources, including our documentation, licensing page, developer community links, and a quick-start video series. If you’re new to Duende IdentityServer or OAuth 2.0 and OpenID Connect in general, we highly recommend diving into our documentation. Additionally, our friendly developer community is always ready to help answer nuanced questions about your implementation goals, so please don't hesitate to ask.

Admin Dashboard

[Screenshot: IdentityServer 7.3 Administration Dashboard UI]

The project has three in-memory users, with one being the admin user. Logging in as the admin user allows you to see one of our newest additions to the template, the Admin Dashboard.

We designed the dashboard to provide developers with visibility into their current IdentityServer instance, including System Information that highlights databases, licenses, clients, and scopes. License Usage information can also help you determine which features are used during the identity provider’s lifetime, making it easier to understand which license works for your current use case. Operational information shows the current count of active server-side sessions.

We’ve designed the dashboard to be modular. Using ASP.NET Core View Components, you can add or remove any elements with relative ease. Again, our goal is to give you something to extend, modify, and deploy as you see fit.

Client Management

[Screenshot: IdentityServer 7.3 Manage Clients]

While working on your proof of concept, you’ll need clients. We’ve added a client management section to manage all clients within your security context. Add, edit, or remove any client with a few clicks.

[Screenshot: IdentityServer 7.3 Edit Client]

When adding or editing a client, you can manage every detail, including the identifier, scopes, access token lifetimes, and more. Additionally, we generate C# code that you can copy into any solution. This should get you up and running quickly. The code generated will depend on your flow, with interactive clients generating OpenID Connect code and machine-to-machine flows generating OAuth 2.0 code.
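The two kinds of client code that paragraph distinguishes, as an added example; this is not the code the template generates and not Duende's own sample. The authority URL, the client ids, the `api1` scope and the configuration keys are assumptions to replace with the values registered on the Manage Clients page.

```csharp
// Program.cs of a constructed ASP.NET Core client app (web SDK, implicit usings).
// Needs the Microsoft.AspNetCore.Authentication.OpenIdConnect NuGet package.
using System.Security.Claims;
using System.Text.Json;

const string Authority = "https://localhost:5001"; // assumed IdentityServer address
var builder = WebApplication.CreateBuilder(args);

// Interactive client: OpenID Connect authorization code flow, session kept in a cookie.
builder.Services
    .AddAuthentication(o => { o.DefaultScheme = "Cookies"; o.DefaultChallengeScheme = "oidc"; })
    .AddCookie("Cookies")
    .AddOpenIdConnect("oidc", o =>
    {
        o.Authority = Authority;
        o.ClientId = "interactive.example";                    // hypothetical client id
        o.ClientSecret = builder.Configuration["Oidc:Secret"]; // from user-secrets or env, not source
        o.ResponseType = "code"; // code flow; the handler adds PKCE by default
        o.SaveTokens = true;     // default scopes requested: openid, profile
    });
builder.Services.AddAuthorization();
builder.Services.AddHttpClient();

var app = builder.Build();
app.UseAuthentication();
app.UseAuthorization();

// Triggers the OpenID Connect challenge when no session cookie is present.
app.MapGet("/me", (ClaimsPrincipal user) =>
    user.Claims.Select(c => new { c.Type, c.Value })).RequireAuthorization();

// Machine-to-machine client: OAuth 2.0 client credentials grant, no user involved.
app.MapGet("/m2m", async (IHttpClientFactory http, IConfiguration cfg) =>
{
    var form = new FormUrlEncodedContent(new Dictionary<string, string>
    {
        ["grant_type"] = "client_credentials",
        ["client_id"] = "m2m.example",        // hypothetical client id
        ["client_secret"] = cfg["M2M:Secret"] ?? "",
        ["scope"] = "api1",                   // hypothetical API scope
    });
    // /connect/token is IdentityServer's default token endpoint path.
    using var resp = await http.CreateClient().PostAsync($"{Authority}/connect/token", form);
    resp.EnsureSuccessStatusCode();
    var json = await resp.Content.ReadFromJsonAsync<JsonElement>();
    return Results.Ok(new { expires_in = json.GetProperty("expires_in").GetInt32() });
});
app.Run();
```

The interactive client must be registered with the authorization code grant and this app's `/signin-oidc` redirect URI, and the machine-to-machine client with the client credentials grant; both secrets are read from configuration so they stay out of source control.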

Scope Management

[Screenshot: IdentityServer 7.3 Scope Management]

Scopes are an essential part of defining interaction between the identity provider and clients. The project template allows for straightforward management of all Identity and API scopes. Add, update, or remove any scopes within the appropriate sections.

[Screenshot: IdentityServer 7.3 Scope Management - Edit]

When editing a scope, you’ll have a more user-friendly interface, allowing you to add new claims on the fly while selectively removing claims more easily.

Server Side Session Management

[Screenshot: IdentityServer 7.3 Server Side Sessions]

Server-side sessions are a Business Edition feature, but are very popular among Duende customers. We’ve included an administrative page that displays which current sessions are active in your identity provider’s database, allowing you to invalidate any session with a single click. The Server Side Sessions view is helpful as you add more clients and share sessions across multiple application instances.

General Educational Information

As you may have noticed in many of the screenshots, we’ve taken extra care to add context to every page. We often find that one of the more challenging parts of implementing a custom identity provider is understanding the security vocabulary that accompanies the technical implementation. At a glance, with these screenshots and the improved templates, you should get a basic understanding of what a client, scope, or session is at any point.

Conclusion

Remember, this is your launching pad for implementing a custom identity provider, so the possibilities are endless when it comes to customizing it to suit your needs. We’re confident that by using our new project template, you’ll see a dramatic reduction in setup time and that your team can quickly evaluate Duende IdentityServer's powerful capabilities without extensive upfront investment in learning complex configurations. The improved design and comprehensive contextual information should significantly ease the initial learning curve, making it accessible even for developers new to the security domain, which should accelerate your path to implementation. The result? You’ll have a proof of concept up and running in 60 minutes or less.

We encourage you to ask questions and provide feedback. Please visit our developer community today.

Thank you!