Skip to content
Duende Software Docs
Livestream launch event: Duende IdentityServer v7.3 with FAPI 2.0 & new quickstart templates. Register now!

Packaging and Builds

Product

Section titled “Product”

The licensed and supported libraries can be accessed via NuGet:

Templates

Section titled “Templates”

Contains Duende templates for the dotnet CLI to help jump-start your Duende-powered solutions.

You can install the templates using the following command:

Terminal
dotnet new install Duende.Templates
Templates NuGet Package for IdentityServer Templates
Source Code Source code for IdentityServer Templates

Running the command dotnet new list duende should give you a list of the following templates

Terminal window
Template Name                                               Short Name            Language  Tags
----------------------------------------------------------  --------------------  --------  -------------------------
Duende BFF Host using a Remote API                          duende-bff-remoteapi  [C#]      Web/Duende/BFF
Duende BFF using a Local API                                duende-bff-localapi   [C#]      Web/Duende/BFF
Duende BFF with Blazor autorender                           duende-bff-blazor     [C#]      Web/Duende/BFF
Duende IdentityServer Empty                                 duende-is-empty       [C#]      Web/Duende/IdentityServer
Duende IdentityServer Quickstart UI (UI assets only)        duende-is-ui          [C#]      Web/IdentityServer
Duende IdentityServer with ASP.NET Core Identity            duende-is-aspid       [C#]      Web/Duende/IdentityServer
Duende IdentityServer with Entity Framework Stores          duende-is-ef          [C#]      Web/Duende/IdentityServer
Duende IdentityServer with In-Memory Stores and Test Users  duende-is-inmem       [C#]      Web/Duende/IdentityServer

Template Descriptions

Section titled “Template Descriptions”

In this section, we’ll discuss what each IdentityServer template offers and why you would choose to start with it. While there are similarities across templates, there are nuances that can make for better starting points depending on your particular use case.

We’ll start with the simplest templates and then move to the most feature-rich ones. Many of these templates build on each other’s work, so moving from one to another is straightforward.

All templates are provided as a starting point for your customization. Using the templates, you assume development responsibility for the choices, alterations, and inevitable deployment of your IdentityServer instance.

Duende IdentityServer Empty

Section titled “Duende IdentityServer Empty”

You want to run the following command to start using the Duende IdentityServer Empty template.

Terminal window
dotnet new duende-is-empty

Once created, this template has three essential files: Config, HostingExtensions, and Program.

You can modify the Config file to add clients, scopes, and claims, as all configurations are from in-memory objects.

public static class Config
{
    public static IEnumerable<IdentityResource> IdentityResources =>
        new IdentityResource[]
        {
            new IdentityResources.OpenId()
        };


    public static IEnumerable<ApiScope> ApiScopes =>
        new ApiScope[]
            { };


    public static IEnumerable<Client> Clients =>
        new Client[]
            { };
}

This template doesn’t include user interface elements, so it doesn’t support OpenID Connect unless you add those UI elements. You can do so by running the UI-only template of duende-is-ui.

Terminal window
dotnet new duende-is-ui --project <name of web app>

The executed command will add Razor Pages to your web project. You will need to add Razor Pages to your HostingExtensions file.

using Serilog;


internal static class HostingExtensions
{
    public static WebApplication ConfigureServices(this WebApplicationBuilder builder)
    {
        builder.Services.AddRazorPages();


        builder.Services.AddIdentityServer()
            .AddInMemoryIdentityResources(Config.IdentityResources)
            .AddInMemoryApiScopes(Config.ApiScopes)
            .AddInMemoryClients(Config.Clients)
            .AddLicenseSummary();


        return builder.Build();
    }


    public static WebApplication ConfigurePipeline(this WebApplication app)
    {
        app.UseSerilogRequestLogging();


        if (app.Environment.IsDevelopment())
        {
            app.UseDeveloperExceptionPage();
        }


        app.UseStaticFiles();
        app.UseRouting();


        app.UseIdentityServer();
        app.UseAuthorization();
        app.MapRazorPages().RequireAuthorization();


        return app;
    }
}

Duende IdentityServer with In-Memory Stores and Test Users

Section titled “Duende IdentityServer with In-Memory Stores and Test Users”

The duende-is-inmem template is similar to the duende-is-empty and duende-is-ui templates combined into a single project template.

Terminal window
dotnet new duende-is-inmem

This template differs from others in that we have defined some starting clients, scopes, and claims for common development scenarios and a speedier development experience.

Config.cs
public static class Config
{
    public static IEnumerable<IdentityResource> IdentityResources =>
        new IdentityResource[]
        {
            new IdentityResources.OpenId(),
            new IdentityResources.Profile(),
        };


    public static IEnumerable<ApiScope> ApiScopes =>
        new ApiScope[]
        {
            new ApiScope("scope1"),
            new ApiScope("scope2"),
        };


    public static IEnumerable<Client> Clients =>
        new Client[]
        {
            // m2m client credentials flow client
            new Client
            {
                ClientId = "m2m.client",
                ClientName = "Client Credentials Client",


                AllowedGrantTypes = GrantTypes.ClientCredentials,
                ClientSecrets = { new Secret("511536EF-F270-4058-80CA-1C89C192F69A".Sha256()) },


                AllowedScopes = { "scope1" }
            },


            // interactive client using code flow + pkce
            new Client
            {
                ClientId = "interactive",
                ClientSecrets = { new Secret("49C1A7E1-0C79-4A89-A3D6-A37998FB86B0".Sha256()) },


                AllowedGrantTypes = GrantTypes.Code,


                RedirectUris = { "https://localhost:44300/signin-oidc" },
                FrontChannelLogoutUri = "https://localhost:44300/signout-oidc",
                PostLogoutRedirectUris = { "https://localhost:44300/signout-callback-oidc" },


                AllowOfflineAccess = true,
                AllowedScopes = { "openid", "profile", "scope2" }
            },
        };
}

This template is a great starting point for proof of concepts and a learning tool for developers experiencing OAuth 2.0 and OpenID Connect in the .NET space for the first time.

Duende IdentityServer with Entity Framework Stores

Section titled “Duende IdentityServer with Entity Framework Stores”

For developers looking to quickly go to a production-like environment, starting with the duende-is-ef template is a great starting point.

Terminal window
dotnet new duende-is-ef

This template stores all operational and configuration data of the IdentityServer instance in your chosen data storage, utilizing EF Core’s ability to target multiple database engines.

The template targets SQLite by default, but we have included scripts to easily swap out and regenerate migrations for your database.

Read more about the Entity Framework Core setup here.

Duende IdentityServer with ASP.NET Core Identity

Section titled “Duende IdentityServer with ASP.NET Core Identity”

The Duende IdentityServer with ASP.NET Core Identity template integrates with ASP.NET Identity to provide you with an instance of Duende IdentityServer that has a user store powered by the Microsoft library.

Please read our ASP.NET Identity documentation, to learn more about this integration.