This .NET Core solution demonstrates a clean architectured WebAPI that is protected with IdentityServer service and consumed by three different clients:
- Console App, uses client credential flow.
- Server-side ASP.NET Core web application, uses authorization code flow.
- SPA ASP.NET Core Blazor WASM, uses PKCE flow
- Generate a self-signed certificate with a new private key.
openssl req -x509 \ -newkey rsa:4096 -keyout localhost.key \ -out localhost.crt \ -subj "/CN=localhost" \ -addext "subjectAltName=DNS:localhost,DNS:api,DNS:identityserver,DNS:singlepageapplication,DNS:webapplication"
openssl pkcs12 -export \ -in localhost.crt \ -inkey localhost.key \ -out localhost.pfx \ -name "Creating an IdentityServer 6 Solution" - Import the self-signed certificate.
certutil -f -user -importpfx Root localhost.pfx
- Add the line below to the hosts file.
127.0.0.1 api 127.0.0.1 identityserver 127.0.0.1 singlepageapplication 127.0.0.1 webapplication - Open the console in the "Solution Items" folder and run the service containers.
docker compose up --build
- The output of the console client can be invistigated by checking the container logs.
- Go to https://webapplication:7002/ for the server-side web client.
- Go to http://singlepageapplication:7003/ for the Blazor WASM client.