- IdentityServer3.Contrib.Vault.CertificateStore
- IdentityServer3.Contrib.Vault.ClientSecretStore
- ServiceStack.Authentication.IdentityServer.Vault
Vault is a tool for managing secrets that provides a restful api.
This solution is divided 2 pieces of functionality:
The IdentityServerVaultAuthFeature is an extension of the IdentityServerAuthFeature that retrieves the Client Secret for a Client ID, encrypts that secret using Vault as part of the IdentityServerAuthProvider Authorization. The IdentityServer3.Contrib.Vault.ClientSecretStore is the corresponding IdentityServer3 plugin for decrypting the secret received from the ServiceStack IdentityServerAuthProvider.
Read the Quick Start guide for using vault as the client secret store here
Read the sample guide here or view the code here
The IdentityServer3.Contrib.Vault.CertificateStore is a plugin that allows IdentityServer to generate new X509 Signing Certificates and replace expired certificates using Vault.
Read the Quick Start guid for using vault as the X509 Certificate store here