A guide on using domain_hint and login_hint parameters to automatically select the correct Microsoft Entra tenant during authentication, improving user experience.
A technical guide on implementing multi-tenancy in Keycloak using a single realm and client, focusing on user attributes and client scopes.
Jakarta Security 3's major update introduces OpenID Connect authentication, alongside its core API and underlying SPIs for Jakarta EE.
Announcing the new OpenIddict client library for .NET, designed to provide a unified OAuth 2.0/OpenID Connect experience across different application types.
Analysis of Microsoft's decision to use Duende IdentityServer in .NET 6 templates and the push towards cloud authentication services like Azure AD.
OpenIddict 3.0, a .NET OpenID Connect server and validation library, is now generally available with a rewritten, event-oriented architecture.
Explores using OrchardCore's OpenID management feature as an alternative to IdentityServer, focusing on integration with an existing OpenIddict deployment.
Announcement of major changes to the IdentityServer project, including its future development and commercial support plans.
Announcing OpenIddict 3.0 beta1, a major rewrite of the OpenID Connect server and validation library for .NET with new features and broader framework support.
Explains how to use the OAuth 2.0 device authorization grant for secure user authentication in desktop applications.
Explains how to use OpenIddict 3.0's degraded mode to create a minimalist OpenID Connect proxy server for delegating authentication.
Guide to creating automated integration tests for Azure AD-protected APIs using XUnit, covering authentication strategies and implementation.
Explains the relationship between scopes and claims in IdentityServer for OpenID Connect and OAuth 2.0, covering identity and API scope design.
Guide to fixing Google authentication in ASP.NET Core after Google+ API shutdown, using OpenID Connect as a replacement.
How to properly validate Azure AD tokens in a multitenant ASP.NET Core app using a custom issuer validator.
A technical guide on implementing Azure AD single sign-out in ASP.NET Core applications, explaining configuration and the SameSite cookie requirement.
Analysis of a session fixation vulnerability in Auth0's ASP.NET and OWIN SDKs, its impact, and the migration path to a secure alternative.
Explains how to use the new OpenIddict RC3 events model to implement advanced OAuth/OpenID Connect scenarios in your applications.
OpenIddict RC3 release introduces revamped registration APIs, specialized service builders, and a new validation handler for ASP.NET Core.
Announcing the RTM release of aspnet-contrib OAuth 2.0/OpenID 2.0 social providers for ASP.NET Core 1.x and 2.x, with a list of available packages.
