Looking for an open-source way to implement 𝗦𝗦𝗢 in ASP.NET Core? This guide shows how to build a central authentication system using 𝗢𝗽𝗲𝗻𝗜𝗱𝗱𝗶𝗰𝘁, a free alternative to Duende Identity.

It includes:
  • A working AuthServer and MVC client
  • Login and consent pages
  • Proper handling of first-time login flows

Securing APIs is a critical part of modern application development. Instead of reinventing authentication and authorization, we can rely on industry standards such as OAuth 2.0 and OpenID Connect.

𝗜𝗱𝗲𝗻𝘁𝗶𝘁𝘆 𝗦𝗲𝗿𝘃𝗲𝗿 is a system that manages user login, authentication, and secure access to applications. It helps apps know who the user is and what they are allowed to do, without each app handling logins separately.

𝗗𝘂𝗲𝗻𝗱𝗲 𝗜𝗱𝗲𝗻𝘁𝗶𝘁𝘆𝗦𝗲𝗿𝘃𝗲𝗿 is a highly extensible and standards-compliant framework for .NET Core that helps you issue tokens, handle authentication, and enforce authorization for your APIs and applications.

In this article , we used the 𝗰𝗹𝗶𝗲𝗻𝘁 𝗰𝗿𝗲𝗱𝗲𝗻𝘁𝗶𝗮𝗹𝘀 flow, which works well for 𝗺𝗮𝗰𝗵𝗶𝗻𝗲-𝘁𝗼-𝗺𝗮𝗰𝗵𝗶𝗻𝗲 communication. But in real applications with human users, we need an interactive login experience.
𝗜𝗻 𝘁𝗵𝗲 𝗻𝗲𝘅𝘁 𝗴𝘂𝗶𝗱𝗲, we will discover how to build a 𝗹𝗼𝗴𝗶𝗻 𝗨𝗜 and 𝗶𝗻𝘁𝗲𝗴𝗿𝗮𝘁𝗲 redirection to 𝗜𝗱𝗲𝗻𝘁𝗶𝘁𝘆𝗦𝗲𝗿𝘃𝗲𝗿 for scenarios such as .NET Core 𝗠𝗩𝗖 applications, 𝗦𝗶𝗻𝗴𝗹𝗲 𝗣𝗮𝗴𝗲 𝗔𝗽𝗽𝗹𝗶𝗰𝗮𝘁𝗶𝗼𝗻𝘀 (SPAs) like Angular or React, and even native 𝗺𝗼𝗯𝗶𝗹𝗲 or 𝗱𝗲𝘀𝗸𝘁𝗼𝗽 apps.