User Management
This section contains a sample demonstrating Duende User Management with IdentityServer. User Management is a user store and authentication platform that ships as a NuGet package and replaces ASP.NET Identity for IdentityServer scenarios.
User Management Getting Started Sample
Section titled “User Management Getting Started Sample”This sample contains the finished source code for the Getting Started with User Management tutorial.
Full User Management Sample
Section titled “Full User Management Sample”This sample demonstrates a full IdentityServer deployment using Duende User Management for user storage and authentication. It covers multiple authentication methods working together in a single application, orchestrated by .NET Aspire.
Authentication methods demonstrated:
- Email OTP: enter email, receive a code via SMTP, verify, and sign in (unknown emails are auto-registered)
- Password + TOTP 2FA: email/password login with time-based one-time password as a second factor
- Passkeys: after first OTP login, users are prompted to register a passkey for future passwordless sign-in
- Passkey as second factor: after password verification, users can tap a passkey instead of entering a TOTP code
- Google external login: OAuth callback creates or links a local profile automatically
Additional features:
- User profile management using a schema-driven attribute model (extensible attributes rather than a fixed user table)
- ASP.NET Identity migration: the Admin Import page demonstrates bulk-importing users from an existing ASP.NET Identity database, including password hash compatibility, claims-to-attributes mapping, and deterministic subject ID generation
- Second factor state management: encrypted cookies coordinate the 2FA flow between password verification and TOTP/passkey completion
The sample uses .NET Aspire to orchestrate IdentityServer, a client application, and Mailpit (for local email testing)
in a single dotnet run command.