identityserver是一种.netcore的中间件,用于身份认证。
- Authentication授权
- API Access API获取
- OpenID Connect and OAuth 2.0 – better together
identityServer4支持
IdentityServer has a number of jobs and features - including:
- protect your resources
- authenticate users using a local account store or via an external identity provider
- provide session management and single sign-on
- manage and authenticate clients
- issue identity andaccess tokens to clients
- validate tokens
dentityServer implements the following specifications:
OpenID Connect
- OpenID Connect Core 1.0 (spec)
- OpenID Connect Discovery 1.0 (spec)
- OpenID Connect Session Management 1.0 - draft 28 (spec)
- OpenID Connect Front-Channel Logout 1.0 - draft 02 (spec)
- OpenID Connect Back-Channel Logout 1.0 - draft 04 (spec)
OAuth 2.0 - OAuth 2.0 (RFC 6749)
- OAuth 2.0 Bearer Token Usage (RFC 6750)
- OAuth2.0 Multiple Response Types (spec)
- OAuth 2.0 Form Post Response Mode (spec)
- OAuth 2.0 Token Revocation (RFC 7009)
- OAuth 2.0 TokenIntrospection (RFC 7662)
- Proof Key for Code Exchange (RFC 7636)
- JSON Web Tokens for Client Authentication (RFC 7523)
- OAuth 2.0 Device Authorization Grant (RFC 8628)
- OAuth 2.0 Mutual TLS Client Authentication and Certificate-Bound Access Tokens (draft)