Using Identity Server 4 with .NET framework

I recently worked on migration project to upgrade a number of 4.6.2 projects to dot net core (actually it ended up being net 5 by the time the project finished).

As part of the migration we wanted to use Identity Server 4 ( #to manage authentication. The application was a suite of web applications and APIs, having a central point to manage the authentication between each of these layers seemed to make sense.

Whilst the examples on the identity server wiki site are great if you are connecting with a dot net core client ( they are rather lacking for .NET framework examples.

The application was still being developed at the same time as the migration project, therefore we needed to try and minimise the rework. We decided to tackle the front-end client as a new dot net core project, and leave the API on full framework.

This meant we needed both .NET framework and dot net core projects to connect to the same identity server and share the tokens between the two.

Connecting the front-end client to the identity server was simple (just follow the package installs and config as described on the wiki site). However setting up the API to use the same endpoint proved to be more difficult (and not well documented).

My first step was to introduce Owin into the API project, I created a “Startup.cs” with the OwinStartup attributes in the “App_Start” folder

I then added the package “IdentityServer3.AccessTokenValidation”

I did have to make a change to the Identity Server to support this package. In the setup of the identity server:

I had to add AccessTokenJwtType to be “JWT” and EmitStaticAudienceClaim to be true

Once this was configured the front end client could connect to Identity server, get a valid token (with the appropriate scope of “api”) and call the .NET framework API.

Ultimately, once we were in a position to migrate the API to net 5 we were able to remove this, but in that interim period where we needed both full framework and core to connect it was a good bridge.




Technical Operations Director at kwiboo. Experienced project manager, technical architect and lead .net developer.

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

5 essential tips and tricks to writing effective research papers using LaTeX

Arrow functions in JavaScript

At 18, This is How I Got Hired As a Developer

Using Overnightjs + Sequelize in Typescript to create Nodejs app

The Web-Connected MIDI Trumpet Robot

TypeScript: How and Why You Should Learn It

Konmari Your Code! Use Nullish Coalescing in JavaScript ES2020 ✨

Creating viewport aware video in react native with expo

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Alex Driver

Alex Driver

Technical Operations Director at kwiboo. Experienced project manager, technical architect and lead .net developer.

More from Medium

Option patterns with custom configuration provider in .NET

Role Based Acces Control with Blazor and Auth0 I

Create a CLI tool with .Net6

Troubleshooting .NET performance issues with Datadog toolbox