An open-source identity and access management server supporting OpenID Connect, OAuth2, WS-Federation, and SAML 2.0 with a built-in admin UI.
TheIdServer is an open-source identity and access management server that implements OpenID Connect, OAuth2, WS-Federation, and SAML 2.0 protocols. It provides a centralized solution for authenticating users and authorizing applications, built on Duende IdentityServer and ITFoxtec Identity SAML 2.0 frameworks. The project includes a full-featured admin UI for managing all aspects of identity configuration.
Developers and organizations needing a self-hosted identity provider for their applications, especially those requiring support for multiple authentication protocols like SAML 2.0 alongside OpenID Connect and OAuth2.
It offers a unified, extensible platform with comprehensive protocol support and administrative capabilities, serving as a free, open-source alternative to commercial identity servers while maintaining compatibility with enterprise authentication standards.
OpenID/Connect, OAuth2, WS-Federation and SAML 2.0 server based on Duende IdentityServer and ITFoxtec Identity SAML 2.0 with its admin UI
Supports OpenID Connect, OAuth2, WS-Federation, and SAML 2.0 in a single server, enabling seamless integration across modern and legacy authentication systems as highlighted in the key features.
Provides a web-based UI for managing users, clients, APIs, and external providers with detailed documentation links, reducing manual configuration overhead.
Compatible with a wide range of databases via Entity Framework Core, allowing flexibility in choosing SQL or NoSQL backends as stated in the setup.
Includes key rotation, token exchange (RFC 8693), and server-side sessions, enhancing security and compliance for enterprise environments.
Built on Duende IdentityServer, which requires purchasing a license for commercial use, adding financial overhead compared to fully open-source alternatives.
Setup involves multiple steps like database configuration, key management, and dynamic external provider setup, as evidenced by extensive documentation and the recent Azure Key Vault SDK migration note.
Relies on external frameworks (Duende IdentityServer and ITFoxtec SAML), which may introduce breaking changes or compatibility issues, as seen with the mandatory Azure Key Vault SDK update.
Blazor Boilerplate / Starter Template with MudBlazor
A project template for a Blazor hosted app using cookie-based authentication with EF Core Identity.
Blorc.OpenIdConnect provides a robust and secure way to integrate OpenID Connect authentication into Blazor applications. It simplifies the implementation of the Authorization Code Flow with Proof Key for Code Exchange (PKCE), which is the recommended method for securing single-page applications.

## Key Features

- **PKCE Support** — Implements the Authorization Code Flow with Proof Key for Code Exchange to prevent CSRF and authorization code injection attacks.
- **Automatic Token Management** — Handles access token delegation, expiration, and silent renewal automatically.
- **Flexible Configuration** — Supports configuration via appsettings.json or programmatic options with extensible query and token parameters.
- **User Info Loading** — Optionally loads additional identity data from the user info endpoint to populate user profiles.
- **Identity Server Integration** — Designed to work with identity providers like Keycloak and Auth0 following standard OpenID Connect specifications.

## Philosophy

The library follows a secure-by-design approach, enforcing modern authentication standards while providing a developer-friendly API that integrates seamlessly with Blazor's component and service model.