Introducing the next era of Duende IdentityServer.

Read our CEO’s announcement

Learn

For developers and technical leaders building secure .NET applications.

Talk to an Expert Read our Blog

Implementing Token Authentication in Controller-Based ASP.NET Core Web APIs: Step-by-Step Tutorial

Learn how to secure controller-based ASP.NET Core Web APIs using JWTs. This step-by-step guide covers token issuance, validation, and authorization.

Clifford Spielman March 30, 2026

Latest Post Graphic

API Client Authentication and Authorization with Duende IdentityServer

CS

Clifford Spielman
March 27, 2026
How Access and ID Tokens Flow in OAuth & OIDC

CS

Clifford Spielman
February 27, 2026
Token Expiration & Refresh Best Practices for APIs

CS

Clifford Spielman
February 26, 2026
What is OAuth 2.0? Delegated Authorization Explained

CS

Clifford Spielman
January 29, 2026
What is OpenID Connect and how it helps developers

CS

Clifford Spielman
January 27, 2026
7 common security pitfalls in OAuth 2.0 implementations

CS

Clifford Spielman
December 24, 2025
OAuth 2.0 grant types and when to use them

CS

Clifford Spielman
December 23, 2025
JSON Web Token (JWT) Authentication Example: A Real-World .NET API

CS

Clifford Spielman
November 27, 2025
Securing a .NET API With JWT Authentication: Step-by-Step Tutorial

CS

Clifford Spielman
November 26, 2025