The OpenID Connect stack you'll be addicted to.
OpenIddict aims at providing a versatile solution to implement an OpenID Connect server and token validation in any ASP.NET Core 2.1, 3.1 and 5.0 application, and starting in OpenIddict 3.0, any ASP.NET 4.x or OWIN application too.
I want something simple and easy to configure
Developers looking for a simple and turnkey solution are strongly encouraged to use OrchardCore and its OpenID module, which is based on OpenIddict, comes with sensible defaults and offers a built-in management GUI to easily register OpenID client applications.
To implement a custom OpenID Connect server using OpenIddict, the simplest option is to clone one of the official samples from the openiddict-samples repository:
- Samples for OpenIddict 3.0 can be found in the samples repository.
- Samples for OpenIddict 2.0.1 can be found in the master branch of the samples repository.
The documentation for the latest stable release (2.0.1) can be found in the dedicated repository.
|Web framework version||.NET runtime version||OpenIddict 2.0||OpenIddict 2.0.1||OpenIddict 3.0|
|ASP.NET Core 2.1||.NET Framework 4.6.1|
|ASP.NET Core 2.1||.NET Framework 4.7.2|
|ASP.NET Core 2.1||.NET Framework 4.8|
|ASP.NET Core 2.1||.NET Core 2.1|
|ASP.NET Core 3.1||.NET Core 3.1|
|ASP.NET Core 5.0||.NET 5.0|
|OWIN/Katana 4.1||.NET Framework 4.6.1|
|OWIN/Katana 4.1||.NET Framework 4.7.2|
|OWIN/Katana 4.1||.NET Framework 4.8|
- X.509 development encryption/signing certificates: calling
AddDevelopmentSigningCertificate()will result in a
PlatformNotSupportedExceptionbeing thrown at runtime if no valid development certificate can be found and a new one must be generated.
- X.509 ECDSA signing certificates/keys: calling
AddSigningKey()with an ECDSA certificate/key will always result in a
PlatformNotSupportedExceptionbeing thrown at runtime.
Looking for additional resources to help you get started with 3.0? Don't miss these interesting blog posts:
- Introducing OpenIddict 3.0's first release candidate version by Kévin Chalet
- OpenIddict 3.0 beta6 is out by Kévin Chalet
- Introducing Quartz.NET support and new languages in OpenIddict 3.0 beta4 by Kévin Chalet
- Introducing localization support in OpenIddict 3.0 beta3 by Kévin Chalet
- OpenIddict 3.0 beta2 is out by Kévin Chalet
- Introducing OpenIddict 3.0 beta1 by Kévin Chalet
- Adding OpenIddict 3.0 to an OWIN application by Kévin Chalet
- Creating an OpenID Connect server proxy with OpenIddict 3.0's degraded mode by Kévin Chalet
Posts written for previous versions of OpenIddict:
- Implementing an OpenIddict Authorization server: Social Login with GitHub by Jerrie Pelser
- Implementing an OpenIddict Authorization server: A Basic Authorization Server by Jerrie Pelser
- Implementing simple token authentication in ASP.NET Core with OpenIddict by Kévin Chalet
- Bearer Token Authentication in ASP.NET Core by Mike Rousos (for the Microsoft .NET Web Development and Tools blog)
- Creating your own OpenID Connect server with ASOS by Kévin Chalet
- Using OpenIddict to easily add token authentication to your .NET web apps by Josh Comley
Security issues and bugs should be reported privately by emailing firstname.lastname@example.org. You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message.
If you need support, please make sure you sponsor the project before creating a GitHub ticket. If you're not a sponsor, you can post your questions on Gitter or StackOverflow:
- Gitter: https://gitter.im/openiddict/openiddict-core
- StackOverflow: https://stackoverflow.com/questions/tagged/openiddict
If you want to try out the latest features and bug fixes, there is a MyGet feed with nightly builds of OpenIddict.
To reference the OpenIddict MyGet feed, create a
NuGet.config file (at the root of your solution):
<?xml version="1.0" encoding="utf-8"?> <configuration> <packageSources> <add key="nuget" value="https://api.nuget.org/v3/index.json" /> <add key="openiddict" value="https://www.myget.org/F/openiddict/api/v3/index.json" /> </packageSources> </configuration>
OpenIddict is actively maintained by Kévin Chalet. Contributions are welcome and can be submitted using pull requests.
Special thanks to the following sponsors for their incredible support:
This project is licensed under the Apache License. This means that you can use, modify and distribute it freely. See http://www.apache.org/licenses/LICENSE-2.0.html for more details.