Convert Figma logo to code with AI

DuendeSoftware logoproducts

The most flexible and standards-compliant OpenID Connect and OAuth 2.x framework for ASP.NET Core

1,535
373
1,535
27
View on GitHub

Top Related Projects

IdentityServer's avatar

IdentityServer4

9,242

OpenID Connect and OAuth 2.0 Framework for ASP.NET Core

openiddict's avatar

openiddict-core

4,527

Flexible and versatile OAuth 2.0/OpenID Connect stack for .NET

AzureAD's avatar

azure-activedirectory-identitymodel-extensions-for-dotnet

1,093

IdentityModel extensions for .Net

ory's avatar

hydra

15,784

The most scalable and customizable OpenID Certified™ OpenID Connect and OAuth Provider on the market. Become an OpenID Connect and OAuth2 Provider over night. Broad support for related RFCs. Written in Go, cloud native, headless, API-first. Available as a service on Ory Network and for self-hosters.

keycloak's avatar

keycloak

26,098

Open Source Identity and Access Management For Modern Applications and Services

Quick Overview

DuendeSoftware/products is a repository containing documentation and resources for Duende Software's identity and access control products. These products include IdentityServer, BFF (Backend for Frontend) Security Framework, and other related tools for implementing secure authentication and authorization in modern applications.

Pros

  • Comprehensive suite of identity and access control solutions
  • Well-documented and actively maintained
  • Supports modern authentication protocols like OAuth 2.0 and OpenID Connect
  • Flexible and customizable to fit various application architectures

Cons

  • Some products require commercial licensing for production use
  • Learning curve can be steep for newcomers to identity and access control
  • Limited community contributions due to commercial nature of the products
  • May require additional configuration and setup compared to simpler auth solutions

Code Examples

As this repository primarily contains documentation and resources rather than code, specific code examples are not applicable. However, the documentation provides detailed guidance on how to implement and use Duende Software's products in various scenarios.

Getting Started

To get started with Duende Software's products, follow these general steps:

  1. Visit the official Duende Software website: https://duendesoftware.com/
  2. Choose the product that best fits your needs (e.g., IdentityServer, BFF)
  3. Review the licensing options and select the appropriate plan
  4. Follow the product-specific documentation in the repository to set up and configure the chosen solution
  5. Implement the necessary integration code in your application
  6. Test and deploy your application with the Duende Software product

For detailed, product-specific instructions, refer to the documentation in the repository's docs folder.

Competitor Comparisons

IdentityServer logo

IdentityServer4

9,242

OpenID Connect and OAuth 2.0 Framework for ASP.NET Core

Pros of IdentityServer4

  • Open-source and free for commercial use
  • Extensive community support and contributions
  • Well-established and mature project with a long history

Cons of IdentityServer4

  • No longer actively maintained
  • Limited future updates and security patches
  • Lack of official support for newer technologies and standards

Code Comparison

IdentityServer4:

services.AddIdentityServer()
    .AddInMemoryClients(Config.Clients)
    .AddInMemoryApiScopes(Config.ApiScopes)
    .AddInMemoryIdentityResources(Config.IdentityResources)
    .AddTestUsers(Config.Users);

DuendeSoftware/products:

services.AddIdentityServer()
    .AddInMemoryClients(Config.Clients)
    .AddInMemoryApiScopes(Config.ApiScopes)
    .AddInMemoryIdentityResources(Config.IdentityResources)
    .AddTestUsers(Config.Users)
    .AddDeveloperSigningCredential();

The code comparison shows that both projects have similar setup processes, with DuendeSoftware/products offering additional features like the developer signing credential. While IdentityServer4 is a well-established open-source solution, DuendeSoftware/products (Duende IdentityServer) is actively maintained and provides ongoing support and updates. However, Duende IdentityServer requires a commercial license for use in production environments.

openiddict logo

openiddict-core

4,527

Flexible and versatile OAuth 2.0/OpenID Connect stack for .NET

Pros of OpenIddict

  • Open-source and free to use
  • Highly customizable and extensible
  • Supports a wide range of authentication scenarios

Cons of OpenIddict

  • Less comprehensive documentation compared to Duende
  • May require more setup and configuration
  • Limited commercial support options

Code Comparison

OpenIddict:

services.AddOpenIddict()
    .AddCore()
    .AddServer()
    .AddValidation();

Duende IdentityServer:

services.AddIdentityServer()
    .AddInMemoryClients(Config.Clients)
    .AddInMemoryApiScopes(Config.ApiScopes)
    .AddInMemoryIdentityResources(Config.IdentityResources);

OpenIddict offers a more modular approach, allowing developers to add only the components they need. Duende IdentityServer provides a more opinionated setup with built-in configurations.

Both projects are robust OpenID Connect and OAuth 2.0 frameworks for ASP.NET Core. OpenIddict is a free, open-source solution with great flexibility, while Duende IdentityServer offers a commercial product with professional support and more comprehensive documentation. The choice between them depends on project requirements, budget, and the level of customization needed.

AzureAD logo

azure-activedirectory-identitymodel-extensions-for-dotnet

1,093

IdentityModel extensions for .Net

Pros of azure-activedirectory-identitymodel-extensions-for-dotnet

  • Specifically designed for Azure Active Directory integration
  • Extensive documentation and Microsoft support
  • Free and open-source

Cons of azure-activedirectory-identitymodel-extensions-for-dotnet

  • Limited to Microsoft ecosystem and Azure AD
  • May have a steeper learning curve for non-Microsoft developers
  • Less flexibility for custom identity scenarios

Code Comparison

azure-activedirectory-identitymodel-extensions-for-dotnet:

var tokenValidationParameters = new TokenValidationParameters
{
    ValidateIssuer = true,
    ValidIssuer = "https://sts.windows.net/{tenantId}/",
    ValidateAudience = true,
    ValidAudience = "{clientId}"
};

products:

var options = new IdentityServerOptions
{
    IssuerUri = "https://myissuer.com",
    SigningCredential = new SigningCredentials(key, SecurityAlgorithms.RsaSha256)
};

The azure-activedirectory-identitymodel-extensions-for-dotnet library focuses on token validation for Azure AD, while products (Duende IdentityServer) provides a more comprehensive identity server solution with greater customization options. The former is ideal for Azure AD integration, while the latter offers more flexibility for various identity scenarios across different platforms.

ory logo

hydra

15,784

The most scalable and customizable OpenID Certified™ OpenID Connect and OAuth Provider on the market. Become an OpenID Connect and OAuth2 Provider over night. Broad support for related RFCs. Written in Go, cloud native, headless, API-first. Available as a service on Ory Network and for self-hosters.

Pros of Hydra

  • Open-source and free to use, with a large community and extensive documentation
  • Supports multiple databases (PostgreSQL, MySQL, CockroachDB) out of the box
  • Highly scalable and designed for cloud-native environments

Cons of Hydra

  • Steeper learning curve compared to Duende products
  • Less comprehensive feature set for enterprise-level identity management
  • May require more configuration and setup for advanced scenarios

Code Comparison

Hydra (Go):

import "github.com/ory/hydra/client"

c := client.NewHTTPClientWithConfig(nil, &client.TransportConfig{
    Schemes:  []string{"http", "https"},
    Host:     "localhost:4444",
    BasePath: "/",
})

Duende IdentityServer (C#):

services.AddIdentityServer()
    .AddInMemoryClients(Config.Clients)
    .AddInMemoryIdentityResources(Config.IdentityResources)
    .AddInMemoryApiScopes(Config.ApiScopes)
    .AddInMemoryApiResources(Config.ApiResources);

Both repositories provide OAuth 2.0 and OpenID Connect implementations, but Hydra focuses on being a lightweight, cloud-native solution, while Duende products offer a more comprehensive suite for enterprise identity management. Hydra's code tends to be more low-level and flexible, while Duende's abstractions provide a simpler setup for common scenarios in the .NET ecosystem.

keycloak logo

keycloak

26,098

Open Source Identity and Access Management For Modern Applications and Services

Pros of Keycloak

  • Open-source and free to use, with a large community and extensive documentation
  • Supports a wide range of protocols and features out-of-the-box
  • Highly customizable and extensible through themes and plugins

Cons of Keycloak

  • Can be complex to set up and configure for advanced scenarios
  • Performance may be less optimized compared to commercial solutions
  • Limited official support options, relying mainly on community assistance

Code Comparison

Keycloak (Java):

public class KeycloakSecurityContext implements SecurityContext {
    private final AccessToken token;
    private final String tokenString;
    private final AuthorizationContext authorizationContext;
    // ...
}

Duende IdentityServer (C#):

public class SecurityContext : ISecurityContext
{
    public ClaimsPrincipal User { get; set; }
    public string AccessToken { get; set; }
    public string RefreshToken { get; set; }
    // ...
}

Both projects provide security context objects, but Keycloak's implementation is more focused on token-based authentication, while Duende IdentityServer offers a more general-purpose approach with claims-based identity.

Convert Figma logo designs to code with AI

Visual Copilot

Introducing Visual Copilot: A new AI model to turn Figma designs to high quality code using your components.

Try Visual Copilot

README

Duende Products

License GitHub Discussions

This repository contains the core products developed by Duende Software.

Duende IdentityServer

NuGet IdentityServer CI

Duende IdentityServer is a modern, standards-compliant OpenID Connect and OAuth 2.0 framework for ASP.NET Core, designed to provide secure authentication and API access control for modern applications. It supports a wide range of authentication flows, token types, and extension points for customization.

Duende BFF (Backend for Frontend)

NuGet BFF CI

The Backend for Frontend (BFF) pattern is a security architecture for browser-based JavaScript applications. It keeps access and refresh tokens on the server and eliminates the need for CORS, providing improved security for your web applications.

AspNet Core JWT Bearer Authentication Extensions

NuGet JwtBearer CI

Extends the ASP.NET Core JWT Bearer authentication handler with support for OAuth 2.0 Demonstrating Proof-of-Possession (DPoP), enhancing security for bearer tokens by proving possession of a private key.

License

By accessing the Duende Products code here, you are agreeing to the licensing terms.

Contributing

Please see our contributing guidelines.