We inspire people to integrate standard open-source SSO solutions 😀. #OpenIDConnect #OAuth2 #SAML2 #MFA #FIDO2 #TOTP.#SSO #IdentityServer4 #authentication #identityprovider

This tutorial is about enabling #TOTP multi-factor authentication with #ASPNETCore #Identity for the #IdentityServer4 quickstart project. #sso #identitymanagement #aspnetcoreidentity #multifactorauthentication #authentication .

I've heard about FIDO2 hardware authentications like #YubiKey, #SoloKeys, etc. Are they really unphishable? 🤓. #FIDO2 #authentication #identityprovider.#identityandaccessmanagement #security #identity

This tutorial is about adding federated authentication with standard external providers for the #IdentityServer4 quickstart project. #sso #identitymanagement #aspnetcoreidentity #federatedidentity #externalproviders #AzureAD .

This tutorial is about adding custom properties to User in Core Identity for IdentityServer4 quickstart project. #IdentityServer4 and #ASPNETCore #Identity tutorial has been updated to .NET Core 3.1 .

Are cookies used when working with JWT tokens?

The THIRD PART is about adding database seed data for users and client applications for IdentityServer4 quickstart project. #IdentityServer4 and #ASPNETCore #Identity tutorial has been updated to .NET Core 3.1 .

The SECOND PART is about adding database migrations and creating tables for Core Identity in IdentityServer4 quickstart project. #IdentityServer4 and #ASPNETCore #Identity tutorial has been updated to .NET Core 3.1.

Q: Why should my Access Token and ID Token be short-lived and my Refresh Token long-lived?

This tutorial is in three parts. The first part is about scaffolding Core Identity into IdentityServer4 quickstart project. #IdentityServer4 and #ASPNETCore #Identity tutorial has been updated to .NET Core 3.1 .

This tutorial is about migrating configuration and operational stores from in-memory to #PostgreSQL database using EF Core. #entityframework. #IdentityServer and #ASPNETCore #Identity tutorial has been updated to .NET Core 3.1. #security #sso .

#IdentityServer4 and #ASPNETCore #Identity tutorial has been updated to .NET Core 3.1 #dotnetcore . This tutorial is about migrating configuration and operational stores from in-memory to #SQLdatabase using Core. #EntityFramework.

Do not store the password in a clear-text format for hashing it later. Storing passwords in clear-text is never a good decision. #security #identity #authentication #identityprovider.#identitymanagement #identityandaccessmanagement.

Add a temporary code to a login process that grabs the clear-text passwords after the successful login, as that is the only place we have it and know it's valid. Hash it with a new hashing algorithm and migrates the user into a new user store.

Hashing algorithms are one-way algorithms. Password, once hashed, can't be obtained in a clear-text format anymore. To have a smooth and painless migration allow for a month or two for re-hashing efforts.

#IdentityServer4 and #ASPNETCore #Identity tutorial has been updated to .NET Core 3.1 #dotnetcore . This tutorial is about creating the IdentityServer4 quickstart project with resources defined in-memory.

RT @Phil_Lewis_: Kobe on Gianna: “The best thing that happens is when we go out and fans come up to me, and she'll be standing next to me .….

RT @TrustyTransfers: A teachable moment between father and daughter only a week or so ago. Life is precious. 🌹. RIP Kobe and Gianna. http….

We updated our IdentityServer4 tutorials to .NET Core 3.1.⬇️ ⬇️ Check it out 🤓 ⬇️ ⬇️.

We just finished updating our #SSO live demo to .NET Core 3.1. Head over to our website to check it out. We are updating our free #IdentityServer4 tutorials to .NET Core 3.1. It should take a couple of days. Hold on tight 🙂. #dotnetcore #authentication #identityprovider

On the other hand the #FIDO2 hardware authenticators can't be bypassed and provide ultimate protection against #phishing and #MITMattacks. Hardware authenticator can be a device like a phone or a laptop or a key like a USB key fob. #identitymanagement #identityandaccessmanagement.