IdentityServer3 Versions Save

OpenID Connect Provider and OAuth 2.0 Authorization Server Framework for ASP.NET 4.x/Katana

9 years ago

9 years ago

Remove all OWIN environments from service signatures and make environment injectable instead
Enhanced DI system to allow for manually resolving dependencies
Optimize IScopeStore
Add option to remember last username on login page
Allow returning custom error messages from custom grant validator
Display client logo on consent page
Add option to add ids to JWT access tokens (jti claim)
cookie options for XSRF cookie
support for address claim
default issuer URI to base path
signout API for user service

9 years ago

Anti-forgery token support
Permission self-service page for users
Added support to add all claims of a user to a token (and support for implementation specific claims rules)
Added more documentation and comments
Added token handle and authorization code hashing
New view system and support for file system based assets
Support for WS-Federation, OpenID Connect and social external IdPs
Support for upstream federated sign-out
Added flag to hide scopes from discovery document
Re-worked claims filtering and normalization
Added support for more authentication scenarios, e.g. client certificates

9 years ago

9 years ago

Update to Katana v3 and JWT handler v4
Configurable claims for both identity and resource scopes
Added support for acr_values and tenant login hints
Improved support for custom grant types
Added a RequireSsl switch (thus removing the need for the public host name setting)
Reworked some internals like the user service, token service, userinfo endpoint, sign in message and validation pipeline
Added support for hybrid flow and thus improved compatibility with the Microsoft Katana OpenID Connect middleware
Added identity token validation endpoint for clients that don’t have access to the necessary crypto libraries
More control over CSP and cookies

9 years ago