Intro to Identity Management Solution - Identity Server

Scenario

You just got a project handed to you that requires setting up some sort of custom Identity Management solution in-house that has to integrate with existing applications based on ASP.net Identity implementation.

Overview of Requirements

  1. Built on the .net platform (ideally in C#).
  2. Must adhere to OOD/OOP principles (e.g. SOLID).
  3. Ability to support multiple clients and provide both authentication and authorization capabilities out of the box.
  4. Tailored for modern applications that use the JSON data format.
  5. Centralize user authentication logic.
  6. Fully customizable to suit business needs.
  7. Ability to integrate with external providers (e.g. Google, Facebook, Azure AD, etc.).

Solution

So after evaluating a couple of solutions, we narrowed it down to IdentityServer. It turned out to be an ideal choice for us, as we saw the potential back when it was first released. It's an open source solution with great community support that provides access control along with identity management. It uses OpenID Connect to perform authentication and OAuth 2.0 to perform authorization. As of this writing, these are the industry standards when it comes to providing security on the web.

How is it working out so far?

I finished implementing this solution back in early 2017, and it has lived up to its potential: it is currently being used by two public-facing websites along with multiple internally hosted applications. It has taken a lot of burden off everyone on the team, as they no longer have to worry about user authentication/authorization.

Along the way, we also integrated an external provider (Azure AD) and it was trivial.

What now?

Keep a lookout for additional posts that will delve into some of the gotchas I came across. These weren't necessarily related to the solution itself, but to not knowing all the details and customizations that I had to make to get there... so stay tuned!