Vulnerabilities | |||||
---|---|---|---|---|---|
Version | Suggest | Low | Medium | High | Critical |
4.1.2 | 0 | 0 | 0 | 0 | 0 |
4.1.1 | 0 | 0 | 0 | 0 | 0 |
4.1.0 | 0 | 0 | 0 | 0 | 0 |
4.0.4 | 0 | 0 | 0 | 0 | 0 |
4.0.3 | 0 | 0 | 0 | 0 | 0 |
4.0.2 | 0 | 0 | 0 | 0 | 0 |
4.0.1 | 0 | 0 | 0 | 0 | 0 |
4.0.0 | 0 | 0 | 0 | 0 | 0 |
3.1.4 | 0 | 0 | 0 | 0 | 0 |
3.1.3 | 0 | 0 | 0 | 0 | 0 |
3.1.2 | 0 | 0 | 0 | 0 | 0 |
3.1.1 | 0 | 0 | 0 | 0 | 0 |
3.1.0 | 0 | 0 | 0 | 0 | 0 |
3.0.2 | 0 | 0 | 0 | 0 | 0 |
3.0.1 | 0 | 0 | 0 | 0 | 0 |
3.0.0 | 0 | 0 | 0 | 0 | 0 |
2.5.5 | 0 | 0 | 0 | 0 | 0 |
2.5.4 | 0 | 0 | 0 | 0 | 0 |
2.5.3 | 0 | 0 | 0 | 0 | 0 |
2.5.2 | 0 | 0 | 0 | 0 | 0 |
2.5.1 | 0 | 0 | 0 | 0 | 0 |
2.5.0 | 0 | 0 | 0 | 0 | 0 |
2.4.0 | 0 | 0 | 0 | 0 | 0 |
2.3.1 | 0 | 0 | 0 | 0 | 0 |
2.3.0 | 0 | 0 | 0 | 0 | 0 |
4.1.2 - This version may not be safe as it has not been updated for a long time. Find out if your coding project uses this component and get notified of any reported security vulnerabilities with Meterian-X Open Source Security Platform
Maintain your licence declarations and avoid unwanted licences to protect your IP the way you intended.
Apache-2.0 - Apache License 2.0IdentityServer4 contains a known Open Redirect vulnerability (CVE-2024-39694) that we do not intend to address in IdentityServer4. Please see the security advisory for more details and consider upgrading to Duende.IdentityServer to receive updates.
This project is not maintained anymore. This repo will be archived when .NET Core 3.1 end of support is reached (13th Dec 2022). All new development is happening in the new Duende Software organization.
See here for more details.
IdentityServer is a free, open source OpenID Connect and OAuth 2.0 framework for ASP.NET Core. Founded and maintained by Dominick Baier and Brock Allen, IdentityServer4 incorporates all the protocol implementations and extensibility points needed to integrate token-based authentication, single-sign-on and API access control in your applications. IdentityServer4 is officially certified by the OpenID Foundation and thus spec-compliant and interoperable. It is part of the .NET Foundation, and operates under their code of conduct. It is licensed under Apache 2 (an OSI approved license).
For project documentation, please visit readthedocs.
Active development happens on the main branch. This always contains the latest version. Each (pre-) release is tagged with the corresponding version. The aspnetcore1 and aspnetcore2 branches contain the latest versions of the older ASP.NET Core based versions.
build.ps1
or build.sh
in the root of the cloned repoFor project documentation, please visit readthedocs.
See here for the 1.x docs, and here for the 2.x docs.
Please use the issue tracker for that. We only support the latest version for free. For older versions, you can get a commercial support agreement with us.
If you need help with implementing IdentityServer4 or your security architecture in general, there are both free and commercial support options. See here for more details.
If you are a fan of the project or a company that relies on IdentityServer, you might want to consider sponsoring. This will help us devote more time to answering questions and doing feature development. If you are interested please head to our Patreon page which has further details.
Ritter Insurance Marketing
ExtraNetUserManager
Knab
You can see a list of our current sponsors here - and for companies we have some nice advertisement options as well.
IdentityServer4 is built using the following great open source projects and free services:
..and last but not least a big thanks to all our contributors!