14

I'm trying to get my head around the big picture when producing a new website using ASP.NET Core. I want users to my website to be able to register and log in with social media such as Facebook and Google. Once registered when they make requests to my WebAPI for resources I need to know which user is logged in so that the resource requests can be personalized to the user. I've had a play with ASP.NET Core Identity and this seems to provide much of the functionality of what I need - for example registering with external providers, logging in, and storing those details in a database using Entity Framework- however with a little more magic than I would really like - many tutorials list steps to get it working without explaining how it works in the background for talking to Facebook for example.

On the front-end I'm looking to use Aurelia and I've noticed a number of tutorials which use Identity Server - which I understand to be an implementation of OpenIDConnect.

Having gone through a video about IdentityServer... I understand that you can use ASP.NET Core Identity with IdentityServer. What I don't get is whether that's something that would be useful to me over just implementing ASP.NET Core Identity. (That said I can't seem to find tutorials for integrating Aurelia, ASP.NET Core Identity ...) What generally is the advantage of adding in more complexity with Identity Server over just using ASP.NET Core Identity?

asked Nov 16, 2016 at 19:20
6
  • 1
    This site is for conceptual & software engineering questions. Questions about tools, comparisons, recommentations, etc, are all off-topic. Commented Nov 16, 2016 at 21:19
  • 3
    The two libraries are to some extent interconnected I'm trying to understand where one ends and another starts. If it is off-topic I would interested to know if there's somewhere else I can ask this question. Commented Nov 16, 2016 at 21:30
  • 1
    This is definitely off-topic here and unfortunately I'm not aware of any site from the stackexchange network where you can ask this. Commented Nov 16, 2016 at 21:31
  • 4
    I don't see how this is off topic. Sounds like a legit question to me. Commented Nov 17, 2016 at 18:45
  • 1
    I have the same misunderstandings. I would try to ask it at stackoverflow. Commented Jan 25, 2017 at 12:06

1 Answer 1

3

Identity Server allows you to issue access tokens for APIs. In my experience, I've only seen it used when the application requires custom OAuth 2.0 authentication that cannot be provided by the authentication providers that are supported by ASP.Net Core. If your site is able to use one existing OAuth 2.0 providers, then there is no advantage to setting up and managing your own instance of Identity Server.

answered Nov 14, 2017 at 17:39
2
  • 1
    This is a good answer. However the entire question is off-topic (it asks a question about a specific technology rather than a general software engineering question). Commented Nov 14, 2017 at 18:40
  • 1
    Agreed about the specific technology. However, if you remove specific mentions to ASP.Net Core, the question basically asks "what's the purpose of having a custom identity provider?" Commented Nov 15, 2017 at 19:52

Your Answer

Draft saved
Draft discarded

Sign up or log in

Sign up using Google
Sign up using Email and Password

Post as a guest

Required, but never shown

Post as a guest

Required, but never shown

By clicking "Post Your Answer", you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.