Protecting APIs

Duende IdentityServer issues tokens for accessing resources.

These resources are very often HTTP-based APIs, but could be also other “invocable” functionality like messaging endpoints, gRPC services or even good old XML Web Services. See the issuing tokens section on more information on access tokens and how to request them.