• Products
    • IdentityServer
    • IdentityServer for Redistribution
    • Backend for Frontend (BFF) Security Framework
  • Documentation
  • Training
  • Resources
    • Company Blog
    • Featured Articles
    • About
      • Company
      • Partners
      • Careers
      • Contact
    Duende Software Blog
    • Products
      • IdentityServer
      • IdentityServer for Redistribution
      • Backend for Frontend (BFF) Security Framework
      • Open Source
    • Documentation
    • Training
    • Resources
      • Company Blog

        Stay up-to-date with the latest developments in identity and access management.

      • Featured Articles
      • About
        • Company
        • Partners
        • Careers
        • Contact
      • Start for free
        Contact sales

      Duende BFF Security Framework V3 released!

      Erwin van der Valk Principal Product Software Engineer at Duende Software Erwin van der Valk Maarten Balliauw Head of Customer Success at Duende Software Maarten Balliauw

      published on March 17, 2025

      Good news! We are happy to share a new major version of the Duende Backend-for-Frontend (BFF) Security Framework V3 with you.

      When building applications with SPA frameworks like React, Angular, VueJs or Blazor, Backend-For-Frontend (BFF) makes it easier and more secure to integrate and manage OAuth/OpenID Connect interactions.

      In this post, let’s explore what’s new in Duende BFF v3.

      What’s new in BFF v3?

      Since the release candidate version a few weeks ago, we have been hard at polishing existing and new functionality, samples and documentation.

      To recap what’s new:

      • Support for .NET 8 and .NET 9
      • Blazor support
      • Several fixes and improvements
        • Bff YARP proxy improvements #1734 (many thanks to @ArturDorochowicz for bringing this issue to our attention and providing a solution direction)
        • AddAddEntityFrameworkServerSideSessionsServices in Duende.Bff.EntityFramework/Configuration/BffBuilderExtensions.cs #1695
        • Async GetUserClaims, GetManagementClaims #1702
        • Consolidating ClaimRecord and ClaimLite #1697
        • Prevent log warning when expected duplicate key constraint is violated. #1763
        • Signout on refresh token expire #1803
        • Bumped version of Duende.AccessTokenManagement to 3.2.0 #1804

      To upgrade to BFF V3, bumping the NuGet package version should be sufficient if you rely on the default extension methods for wiring up the BFF in your applications. For more advanced scenarios, there are a few (breaking) changes to be aware of. See the release notes on GitHub and upgrade documentation for more details.

      Updated documentation

      The Backend-For-Frontend (BFF) documentation has a new home. We’ve restructured the documentation to make it easier to find information and learn about using the BFF pattern in your applications.

      Give the Duende BFF Security Framework V3 release a try and let us know about your experience!

      Duende logo

      Products

      • IdentityServer
      • IdentityServer for Redistribution
      • Backend for Frontend (BFF)
      • IdentityModel
      • Access Token Management
      • IdentityModel OIDC Client

      Community

      • Documentation
      • Company Blog
      • GitHub Discussions

      Company

      • Company
      • Partners
      • Training
      • Quickstarts
      • Careers
      • Contact

      Subscribe to our newsletter

      Stay up-to-date with the latest developments in identity and access management.

      Copyright © 2020-2025 Duende Software. All rights reserved.

      Privacy Policy | Terms of Service