Feature Spotlight: Resource Isolation
This is the second part in a series of posts covering new (and old) features of Duende IdentityServer. These posts are not supposed to be super technical deep dives (that’s what documentation is for), but rather explain the feature at a more conceptual level, why it exists, and why it might useful for you. The Problem OAuth itself only knows about scopes - the (API) resource concept we use in Duende IdentityServer does not exist from a pure protocol point of view.
Introducing Community Edition
One of the downsides of free open source is, that you only get to know a very small subset of your user-base and scenarios where your software is used. Since we announced the new license in October, we spoke to a tremendous amount of companies and developers that use IdentityServer in a vast amount of different scenarios. It’s very hard to find a “one size fits all” pricing model, and we’ve been trying to fine tune our offerings to make it work for as many people as possible.
Just a quick update: we published preview 2 of Duende IdentityServer to Nuget! The big feature added in preview 2 is the final version of key management. We polished the API surface, added support for multiple keys and added the EF persistence layer. You can find the preview docs here. If there are any problems, please let us know on our issue tracker or contact us via our website. Duende IdentityServer Nuget package EF and ASP.
Feature Spotlight: Automatic Key Management
This is the first part in a series of posts covering new (and old) features of Duende IdentityServer. These posts are not supposed to be super technical deep dives (that’s what documentation is for), but rather explain the feature at a more conceptual level, why it exists, and why it might useful for you. The Problem Obviously, a very important part of a security token service is the key material to sign the actual security tokens.
Just a quick update: we published preview 1 of Duende IdentityServer to Nuget! Preview sounds scary - but this is really just the migrated code-base of IdentityServer4 and the initial feature set of the new automatic key management (I will publish a separate post going into more details about that soon). Duende IdentityServer is free for development and testing. Start here and give it a try! Here’s a list of all the new bits:
Thanks for all your feedback and best wishes! Starting a company is hard, and pricing your products is even harder. We read every single piece of feedback and make some slight adjustments to our license, tiers, included clients and discounts we can give. Please keep in mind, that at this point we are also a startup and try to find good solutions that are sustainable for all of us. Please don’t hesitate to contact us so we can continue fine tuning our company.
Welcome to Duende Software! This company was founded by Brock Allen and Dominick Baier. We’ve been working together since 2009 on free open-source security software. Probably the most well-known is IdentityServer, which is an OpenID Connect and OAuth 2.0 framework for ASP.NET and ASP.NET Core. In 2020 we decided to make the switch from free open-source to a stronger foundation to work on our software. If you are interested in the long version of the history see here.