IdentityServer4.Storage

OpenID Connect and OAuth 2.0 Framework for ASP.NET Core

Latest version: 4.1.2 registry icon
Maintenance score
33
Safety score
100
Popularity score
100
Check your open source dependency risks. Get immediate insight about security, stability and licensing risks.
Security
  Vulnerabilities
Version Suggest Low Medium High Critical
4.1.2 0 0 0 0 0
4.1.1 0 0 0 0 0
4.1.0 0 0 0 0 0
4.0.4 0 0 0 0 0
4.0.3 0 0 0 0 0
4.0.2 0 0 0 0 0
4.0.1 0 0 0 0 0
4.0.0 0 0 0 0 0
3.1.4 0 0 0 0 0
3.1.3 0 0 0 0 0
3.1.2 0 0 0 0 0
3.1.1 0 0 0 0 0
3.1.0 0 0 0 0 0
3.0.2 0 0 0 0 0
3.0.1 0 0 0 0 0
3.0.0 0 0 0 0 0
2.5.4 0 0 0 0 0
2.5.3 0 0 0 0 0
2.5.2 0 0 0 0 0
2.5.1 0 0 0 0 0
2.5.0 0 0 0 0 0
2.4.0 0 0 0 0 0
2.3.1 0 0 0 0 0
2.3.0 0 0 0 0 0

Stability
Latest release:

4.1.2 - This version may not be safe as it has not been updated for a long time. Find out if your coding project uses this component and get notified of any reported security vulnerabilities with Meterian-X Open Source Security Platform

Licensing

Maintain your licence declarations and avoid unwanted licences to protect your IP the way you intended.

Apache-2.0   -   Apache License 2.0

Not a wildcard

Not proprietary

OSI Compliant



Security Vulnerability Found

IdentityServer4 contains a known Open Redirect vulnerability (CVE-2024-39694) that we do not intend to address in IdentityServer4. Please see the security advisory for more details and consider upgrading to Duende.IdentityServer to receive updates.

Important update

This project is not maintained anymore. This repo will be archived when .NET Core 3.1 end of support is reached (13th Dec 2022). All new development is happening in the new Duende Software organization.

See here for more details.

About IdentityServer4

IdentityServer is a free, open source OpenID Connect and OAuth 2.0 framework for ASP.NET Core. Founded and maintained by Dominick Baier and Brock Allen, IdentityServer4 incorporates all the protocol implementations and extensibility points needed to integrate token-based authentication, single-sign-on and API access control in your applications. IdentityServer4 is officially certified by the OpenID Foundation and thus spec-compliant and interoperable. It is part of the .NET Foundation, and operates under their code of conduct. It is licensed under Apache 2 (an OSI approved license).

For project documentation, please visit readthedocs.

Branch structure

Active development happens on the main branch. This always contains the latest version. Each (pre-) release is tagged with the corresponding version. The aspnetcore1 and aspnetcore2 branches contain the latest versions of the older ASP.NET Core based versions.

How to build

  • Install the latest .NET Core 3.1 SDK
  • Install Git
  • Clone this repo
  • Run build.ps1 or build.sh in the root of the cloned repo

Documentation

For project documentation, please visit readthedocs.

See here for the 1.x docs, and here for the 2.x docs.

Bug reports and feature requests

Please use the issue tracker for that. We only support the latest version for free. For older versions, you can get a commercial support agreement with us.

Commercial and Community Support

If you need help with implementing IdentityServer4 or your security architecture in general, there are both free and commercial support options. See here for more details.

Sponsorship

If you are a fan of the project or a company that relies on IdentityServer, you might want to consider sponsoring. This will help us devote more time to answering questions and doing feature development. If you are interested please head to our Patreon page which has further details.

Platinum Sponsors

Corporate Sponsors

Ritter Insurance Marketing
ExtraNetUserManager
Knab

You can see a list of our current sponsors here - and for companies we have some nice advertisement options as well.

Acknowledgements

IdentityServer4 is built using the following great open source projects and free services:

..and last but not least a big thanks to all our contributors!