We think that PAR is one of the easiest ways to increase the security of OAuth and OpenID Connect. That’s why we prioritized the implementation of the RFC and released fully featured support in IdentityServer v7.
Unfortunately, it wasn’t as straightforward as it could be to add client-side PAR support to an existing ASP.NET Core application using the Microsoft OpenID Connect authentication handler.
Almost exactly four years ago we announced the big news of transitioning our free, open-source project, IdentityServer, to a commercial, source-available product.
As a part of that transition, we founded Duende Software as the new home for our products. Our main goal was to focus on IdentityServer – turning it into a sustainable product, improving the quality and reliability of our code base, and enhancing our samples, documentation and customer support.
Duende.AccessTokenManagement 3.0 is out now! Highlights of this release include:
See the release notes for the full details, or read on for a quick summary.