Blog posts
==========

Team posts
^^^^^^^^^^
2020
----
* `Flexible Access Token Validation in ASP.NET Core <https://leastprivilege.com/2020/07/06/flexible-access-token-validation-in-asp-net-core/>`_
* `Resource Access in OpenIdentityServer v4 and going forward <https://leastprivilege.com/2020/06/18/resource-access-in-openidentityserver-v4-and-going-forward/>`_
* `Automatic Token Management for ASP.NET Core and Worker Services 1.0 <https://leastprivilege.com/2020/05/18/automatic-token-management-for-asp-net-core-and-worker-services-1-0/>`_
* `Mutual TLS and Proof-of-Possession Tokens: Summary <https://leastprivilege.com/2020/02/12/mutual-tls-and-proof-of-possession-tokens-summary/>`_
* `Mutual TLS and Proof-of-Possession Access Tokens – Part 1: Setup <https://leastprivilege.com/2020/02/07/mutual-tls-and-proof-of-possession-access-tokens-part-1-setup/>`_
* `Hardening OpenID Connect/OAuth Authorize Requests (and Responses) <https://leastprivilege.com/2020/02/04/hardening-openid-connect-oauth-authorize-requests-and-responses/>`_
* `Hardening Refresh Tokens <https://leastprivilege.com/2020/01/21/hardening-refresh-tokens/>`_
* `OAuth 2.0: The long Road to Proof-of-Possession Access Tokens <https://leastprivilege.com/2020/01/15/oauth-2-0-the-long-road-to-proof-of-possession-access-tokens/>`_
* `Outsourcing OpenIdentityServer Token Signing to Azure Key Vault <https://www.scottbrady91.com/Identity-Server/Outsourcing-OpenIdentityServer-Token-Signing-to-Azure-Key-Vault>`_
* `Using ECDSA in OpenIdentityServer <https://www.scottbrady91.com/Identity-Server/Using-ECDSA-in-OpenIdentityServer>`_

2019
----
* `Scope and claims design in IdentityServer <https://brockallen.com/2019/02/25/scope-and-claims-design-in-identityserver/>`_
* `Try Device Flow with OpenIdentityServer <https://leastprivilege.com/2019/02/08/try-device-flow-with-openidentityserver/>`_
* `The State of the Implicit Flow in OAuth2 <https://brockallen.com/2019/01/03/the-state-of-the-implicit-flow-in-oauth2/>`_
* `An alternative way to secure SPAs (with ASP.NET Core, OpenID Connect, OAuth 2.0 and ProxyKit) <https://leastprivilege.com/2019/01/18/an-alternative-way-to-secure-spas-with-asp-net-core-openid-connect-oauth-2-0-and-proxykit/>`_
* `Automatic OAuth 2.0 Token Management in ASP.NET Core <https://leastprivilege.com/2019/01/14/automatic-oauth-2-0-token-management-in-asp-net-core/>`_
* `Encrypting Identity Tokens in OpenIdentityServer <https://www.scottbrady91.com/Identity-Server/Encrypting-Identity-Tokens-in-OpenIdentityServer>`_

2018
----
* `OpenIdentityServer Update <https://leastprivilege.com/2018/01/17/ndc-london-2018-identityserver-update/>`_ 
* `IdentityServer and Swagger <https://www.scottbrady91.com/Identity-Server/ASPNET-Core-Swagger-UI-Authorization-using-OpenIdentityServer>`_
* `Removing Shared Secrets for OAuth Client Authentication <https://www.scottbrady91.com/OAuth/Removing-Shared-Secrets-for-OAuth-Client-Authentication>`_
* `Creating Your Own OpenIdentityServer Storage Library <https://www.scottbrady91.com/Identity-Server/Creating-Your-Own-OpenIdentityServer-Storage-Library>`_

2017
----
* `Platforms where you can run OpenIdentityServer <https://leastprivilege.com/2017/01/15/platforms-where-you-can-run-openidentityserver/>`_ 
* `Optimizing Tokens for size <https://leastprivilege.com/2016/12/14/optimizing-identity-tokens-for-size/>`_
* `Identity vs Permissions <https://leastprivilege.com/2016/12/16/identity-vs-permissions/>`_
* `Bootstraping OpenID Connect: Discovery <https://leastprivilege.com/2017/01/06/bootstrapping-openid-connect-discovery/>`_
* `Extending OpenIdentityServer with WS-Federation Support <https://leastprivilege.com/2017/03/03/extending-openidentityserver-with-ws-federation-support/>`_
* `Announcing OpenIdentityServer RC1 <https://leastprivilege.com/2016/09/06/openidentityserver-rc1/>`_
* `Getting Started with IdentityServer 4 <https://www.scottbrady91.com/Identity-Server/Getting-Started-with-IdentityServer-4>`_
* `IdentityServer 4 SharePoint Integration using WS-Federation <https://www.scottbrady91.com/Identity-Server/IdentityServer-4-SharePoint-Integration-using-WS-Federation>`_

Community posts
^^^^^^^^^^^^^^^
* `Blazor WebAssembly authentication and authorization with OpenIdentityServer <https://nahidfa.com/posts/blazor-webassembly-authentication-and-authorization-with-openidentityserver/>`_
* `Additional API Endpoints to IdentityServer 4 <https://lurumad.github.io/aditional-api-endpoints-to-openidentityserver>`_
* `Securing Hangfire Dashboard using an OpenID Connect server (IdentityServer 4) <https://lurumad.github.io/securing-hangfire-dashboard-using-an-openid-connect-server-identityserver-4>`_
* `OAuth 2.0 - OpenID Connect & IdentityServer <https://wp.me/p3mRWu-1Ag/>`_
* `Running OpenIdentityServer in a Docker Container <https://espressocoder.com/2019/01/29/running-openidentityserver-in-a-docker-container/>`_
* `Connecting Zendesk and IdentityServer 4 SAML 2.0 Identity Provider <https://lurumad.github.io/connecting-zendesk-and-identityserver-4-saml2p-identity-provider>`_
* `IdentityServer localization using ui_locales <https://damienbod.com/2017/11/11/openidentityserver-localization-using-ui_locales-and-the-query-string>`_
* `Self-issuing an OpenIdentityServer token in an OpenIdentityServer service <https://www.strathweb.com/2017/10/self-issuing-an-openidentityserver-token-in-an-openidentityserver-service/>`_
* `OpenIdentityServer on the ASP.NET Team Blog <https://blogs.msdn.microsoft.com/webdev/2017/01/23/asp-net-core-authentication-with-openidentityserver/>`_
* `Angular2 OpenID Connect Implicit Flow with OpenIdentityServer <https://damienbod.com/2016/03/02/angular2-openid-connect-implicit-flow-with-openidentityserver/>`_
* `Full Server Logout with OpenIdentityServer and OpenID Connect Implicit Flow <https://damienbod.com/2016/09/16/full-server-logout-with-openidentityserver-and-openid-connect-implicit-flow/>`_
* `OpenIdentityServer, ASP.NET Identity, Web API and Angular in a single Project <https://damienbod.com/2016/10/01/openidentityserver-webapi-and-angular2-in-a-single-asp-net-core-project/>`_
* `Secure your .NETCore web applications using IdentityServer 4 <https://social.technet.microsoft.com/wiki/contents/articles/37169.secure-your-netcore-web-applications-using-identityserver-4.aspx>`_
* `ASP.NET Core OpenIdentityServer Resource Owner Password Flow with custom UserRepository <https://damienbod.com/2017/04/14/asp-net-core-openidentityserver-resource-owner-password-flow-with-custom-userrepository/>`_
* `Secure ASP.NET Core MVC with Angular using OpenIdentityServer OpenID Connect Hybrid Flow <https://damienbod.com/2017/05/06/secure-asp-net-core-mvc-with-angular-using-openidentityserver-openid-connect-hybrid-flow//>`_
* `Adding an external Microsoft login to OpenIdentityServer <https://damienbod.com/2017/07/11/adding-an-external-microsoft-login-to-openidentityserver/>`_
* `Implementing Two-factor authentication with OpenIdentityServer and Twilio <https://damienbod.com/2017/07/14/implementing-two-factor-authentication-with-openidentityserver-and-twilio/>`_
* `Security Experiments with gRPC and ASP.NET Core 3.0 <https://damienbod.com/2019/03/06/security-experiments-with-grpc-and-asp-net-core-3-0/>`_
* `ASP.NET Core OAuth Device Flow Client with OpenIdentityServer <https://damienbod.com/2019/02/20/asp-net-core-oauth-device-flow-client-with-openidentityserver/>`_
* `Securing a Vue.js app using OpenID Connect Code Flow with PKCE and OpenIdentityServer <https://damienbod.com/2019/01/29/securing-a-vue-js-app-using-openid-connect-code-flow-with-pkce-and-openidentityserver/>`_
* `Using an OData Client with an ASP.NET Core API <https://damienbod.com/2018/10/18/using-an-odata-client-with-an-asp-net-core-api/>`_
* `OpenID Connect back-channel logout using Azure Redis Cache and OpenIdentityServer <https://damienbod.com/2018/12/18/openid-connect-back-channel-logout-using-azure-redis-cache-and-openidentityserver/>`_
* `Single Sign Out in OpenIdentityServer with Back Channel Logout <https://blog.tretainfotech.com/posts/2018/august/single-sign-out-in-openidentityserver-with-back-channel-logout>`_