Learn how to create a simple SecureTokenServer (STS) which issues tokens to registered clients and handles user and session management using IdentityServer4, with detailed guides on implementing various Grant Types for particular use cases. For the complete project: https://github.com/referbruv/simple-sts
In this article, let's look in detail at how token servers work and how we create and secure our AspNetCore APIs with IdentityServer4.
In this article, let's look at implementing the ClientCredentials auth flow, one of the basic auth flows used for securing API resources. It grants access to clients that possess an access_token issued by the configured TokenServer safeguarding the API.
In this article, let's talk about another such simple flow, which can be used for user authentication. It is called the Resource Owner Password Credentials Grant (ROPC) flow.
Let's look at how we can authenticate users, issue JWT tokens to those authenticated, and secure app interactions in Angular.
We can implement our Authorization Code flow, where a user interacts directly with the Token Server to authenticate and authorize a client for resource access. This flow is further strengthened by PKCE (Proof Key for Code Exchange), which adds another layer of security by means of a code challenge and a code verifier.