Extending Duende IdentityServer Server-Side Sessions with Dynamic User Metadata Stop bloating your authentication cookies. Use Duende IdentityServer server-side sessions and AuthenticationProperties to store dynamic user metadata (like location) on the server, which improves…

Stop bloating your auth cookies! 🍪

Learn how to:
1️⃣ Use IdentityServer server-side sessions and improve performance
2️⃣ Use AuthenticationProperties to store dynamic user metadata (like location)

Article at duende.link/8624kh

#dotnet #aspnetcore

Improving .NET Security Code with C# 14 Property Extensions Stop writing boilerplate code for ClaimsPrincipal. C# 14 extension members let you use properties to centralize claim access logic, leading to cleaner, more secure ASP.NET Core applications.

Stop writing boilerplate code for ClaimsPrincipal! 🛡️

#csharp 14 extension members let you use properties to centralize claim access logic, leading to cleaner, #aspnetcore application code.

Read more: duende.link/7efu3d

A First Look at Duende User Management | Duende Join us March 24 for a first look at Duende User Management. Learn to replace ASP.NET Identity with built-in Passkeys, MFA, and audits.

Want the power of Duende IdentityServer but with faster time-to-value? ⏱️ We’re previewing a first-party user management .NET SDK on March 24th that gives you Passkeys, MFA, and audit trails out-of-the-box. Keep your data control, ditch the custom coding.

RSVP: duende.link/78q3hk

#dotnet #aspnet

Application Modernization Future-proof your apps with Duende's identity modernization. Get better security and control while preserving your existing identity logic.

SaaS providers are black boxes. Duende gives you full source access. Step-through to understand exactly how it all works.

Learn how: duende.link/appmodb

#aspnet #aspnetcore #dotnet

Client-Initiated Backchannel Authentication (CIBA) in ASP.NET Core 10 with Duende Identity Server Learn about the Client-Initiated Backchannel Authentication (CIBA) standard, an OpenID Connect extension for authenticating users on a separate device. See how to implement this high-trust flow with…

Authentication on a different device from the one you're using? 🧐

Learn how to implement Client-Initiated Backchannel Authentication (CIBA) in #ASPNETCore and #dotnet: duende.link/3ysz4u

Especially helpful in high-trust scenarios.

Training Information

Duende Software's legendary training on Identity and Access Management was originally created by Dominick Baier and Brock Allen.

We're offering the training online/remotely as 6 half-day blocks in EU afternoons/US mornings, starting March 10.

Read more and sign up at sustainsys.com/training

Livestream: Are your access tokens really secure? Are your APIs vulnerable? Explore JWT pitfalls, learn to prevent exploits, and compare JWTs vs. opaque tokens in this expert-led session.

The livestream starts NOW! 🔴 Security you can’t prove isn’t security, it’s hope.

Stop relying on manual checks. We’re showing you how to automate your security testing to ensure your API only accepts your trusted tokens.

🔗 Join us now: duende.link/lsjwt26b

#OAuth2 #JWT #DotNet

Rate Limiting IdentityServer Endpoints Learn why rate limiting Duende IdentityServer endpoints is usually unnecessary, and when you do need it. Explore a layered approach using network proxies, ASP.NET Core middleware, and custom…

Should you add rate limiting to your Duende IdentityServer deployment? 🤔

Our new article breaks down the why (and why not), plus 3 implementation options.

Read the full article 👉 duende.link/87wrkjh

#dotnet #ASPNETCore #OAuth #OpenIDConnect

Null exceptions are costly. We are enforcing strict Nullable Reference Types across the IdentityServer API in .NET 10. The compiler catches bugs before you deploy.

The community deserves rigorous design.

Learn More: duende.link/bpicb

#aspnet #dotnet

The Big Picture An overview of modern application architecture patterns and how OpenID Connect and OAuth 2.0 protocols implemented by IdentityServer solve authentication and API access challenges

Stability is a community asset. Aligning with the Microsoft LTS schedule provides a shared timeline for the industry. We can all plan, budget, and coordinate releases together.

Predictability helps the whole community function better.

Learn more: duende.link/bpicb

#aspnet #dotnet #LTS

Implementing Zero Trust with Resource Isolation Learn how to enforce strict trust boundaries between your APIs and prevent overprivileged access tokens by adopting Resource Isolation, based on OAuth 2.0's RFC 8707, with Duende IdentityServer.

No more overprivileged access tokens? 🔑

Implement strict trust boundaries in your APIs with resource isolation (#OAuth RFC 8707).

Learn how to configure it in Duende IdentityServer: duende.link/87qt2j

#dotnet

MORE Essential HTTP Headers In this video, we look deeper into critical security-related HTTP headers that can significantly strengthen your website's defenses. What you'll learn in this video: * X-Content-Type-Options:…

In this video, we look deeper into critical security-related HTTP headers that can significantly strengthen your website's defenses. Expect X-Content-Type-Options, Referrer-Policy:, X-FRAME-OPTIONS, Content Security Policy (CSP), ...

youtu.be/OztgrdMQG94 #dotnet #aspnetcore #SecurityTips

Jennifer Lawrence "What Do You Mean" #shorts YouTube video by Quotes For Eternity

www.youtube.com/shorts/LRt3x...

Duende IdentityServer The most flexible and standards-compliant OpenID Connect and OAuth framework for ASP.NET Core.

SaaS providers are black boxes. Duende gives you full source access. Step-through to understand exactly how it all works.

Learn More: duende.link/2swrhhw

#aspnet #aspnetcore #dotnet

Supply chain something something... not an issue - all focus back on AI!

BenchmarkDotNet - Open Source Sponsorship Duende Software's latest Open Source Sponsorship goes to BenchmarkDotNet, a benchmarking library for .NET.

We're proud to announce that Duende Software's latest Open Source Sponsorship goes to #BenchmarkDotNet! 🚀

Check out the full post for details on the project: duende.link/o55bmd

#dotnet

Going Passwordless - A Practical Guide to Passkeys in ASP.NET Core - Maarten Balliauw YouTube video by NDC Conferences

Recording of my talk on passkeys in #aspnetcore at NDC Copenhagen is up! #dotnet

Also includes a pointer on how to add passkeys to Razor Pages for folks who aren't on the #Blazor train.

www.youtube.com/watch?v=P7eb... #dotnet

Building a Federation Gateway with Duende IdentityServer: Strategies and Considerations for Identity Orchestration Learn the core benefits of building a federation gateway that brings together Entra ID, Okta, SAML, Auth0 though a centralized authentication provider like DUende IdentityServer.

Simplify your identity mess! 🤯

Learn how a Federation Gateway with Duende IdentityServer orchestrates all your IdPs (Entra ID, Google, SAML) for unified, agile security. Must-read architecture deep dive!

duende.link/8aefizq

#IdentityOrchestration #SSO #Security #dotnet

GitHub - adamralph/minver: 🏷 Minimalistic versioning using Git tags. 🏷 Minimalistic versioning using Git tags. Contribute to adamralph/minver development by creating an account on GitHub.

My OSS is developed by humans github.com/adamralph/mi...

Building a Federation Gateway with Duende IdentityServer: Strategies and Considerations for Identity Orchestration Learn the core benefits of building a federation gateway that brings together Entra ID, Okta, SAML, Auth0 though a centralized authentication provider like DUende IdentityServer.

Stop struggling with diverse identity providers. 🛑

A Federation Gateway, such as Duende IdentityServer, is the key to:
🔑 Centralized Compliance
⚡️ Operational Agility
👤 Unified User Login

duende.link/8aefizq

#IdentityOrchestration #SSO #Security #dotnet

Duende Resolution: Don't Store Tokens in the Browser. 🔐

Browser tokens are an XSS risk. Secure your SPAs and Blazor WASM apps with the Duende BFF framework, the best way to handle protocol interactions and token management safely.

➡️ duende.link/bff4b1b

Join the Duende Insiders Discord Server! Check out the Duende Insiders community on Discord – hang out with 42 other members and enjoy free voice and text chat.

The Duende Product Insiders program is a private technical channel for partnership. Discuss Identity Strategy, Architecture, and Deployment Nuances directly with Duende experts. Stop guessing, start collaborating. 🙌

➡️ duende.link/discord

Duende Product Insiders We invite you to join a deeply technical, standards-driven community to help shape the future of .NET security and identity.

For devs who care about identity 🚨, Product Insiders get:

- Early access to features.

- Deep collaboration with Duende leaders.

- Direct influence on .NET identity & security.

Where standards meet code. Apply: duende.link/insiders

#DuendeInsiders #SecurityExperts

Secure frontend apps with the BFF Pattern Secure frontend apps with the Backend for Frontend (BFF) pattern. Simplify token management and boost security using Duende BFF v4, with multi-frontend support.

BFF v4: You can't secure what you can't see.

OpenTelemetry is baked right in for end-to-end observability of your auth journey (redirect, token exchange, API calls).

duende.link/bff4b1b

#OpenTelemetry #Observability #DuendeBFF #Diagnostics #Tracing

Join the Duende Insiders Discord Server! Check out the Duende Insiders community on Discord – hang out with 42 other members and enjoy free voice and text chat.

Your opinion on that tricky DPoP implementation? We want it. Duende Product Insiders is the high-signal, zero-noise channel for advanced .NET identity and security discussions. Join Duende's Product Insiders.

➡️ duende.link/discord

#dotnet #ZeroNoise #Identity

Join the Duende Insiders Discord Server! Check out the Duende Insiders community on Discord – hang out with 42 other members and enjoy free voice and text chat.

Identity developers, lead the way! Join Duende Product Insiders: Directly influence the roadmap, get early feature access, and collaborate with senior experts. Your expertise is needed.

Apply today: duende.link/discord

#DuendeInsiders #SecurityExperts

Duende BFFv4 is now available Duende BFFv4 is now available! Learn about multi-frontend, simplified security, and unlock end-to-end visibility with OpenTelemetry.

🛡️ BFF v4: Frontend Security Simplified

Frontend devs shouldn't handle tokens or refresh cycles. BFF keeps security on the server, eliminating XSS risks.

v4 adds multi-frontend support for operational sanity. Ditch the token burden entirely.

➡️ duende.link/bff4b0b

Happy Holidays from the Duende Team! 🎄

As the year winds down, we want to thank our amazing community for trusting Duende Software to secure your applications. We wish you and yours a wonderful holiday season filled with joy, rest, and peace.

Wishing you safe deployments and happy days!

Join the Duende Insiders Discord Server! Check out the Duende Insiders community on Discord – hang out with 42 other members and enjoy free voice and text chat.

Stop wishing for a feature. Start building it with us. The Duende Product Insiders program is your channel for direct influence on the IdentityServer and BFF roadmap.

Join the Insiders: duende.link/discord

#DuendeSoftware #IdentityServer

Building a Federation Gateway with Duende IdentityServer: Strategies and Considerations for Identity Orchestration Learn the core benefits of building a federation gateway that brings together Entra ID, Okta, SAML, Auth0 though a centralized authentication provider like DUende IdentityServer.

Stop struggling with diverse identity providers. 🛑

A Federation Gateway, such as Duende IdentityServer, is the key to:
🔑 Centralized Compliance
⚡️ Operational Agility
👤 Unified User Login

duende.link/8aefizq

#IdentityOrchestration #SSO #Security #dotnet