{"id":27610385,"url":"https://github.com/aspnetrun/run-aspnet-identityserver4","last_synced_at":"2026-01-25T08:31:07.212Z","repository":{"id":39829045,"uuid":"309351002","full_name":"aspnetrun/run-aspnet-identityserver4","owner":"aspnetrun","description":"Secure microservices with using standalone Identity Server 4 and backing with Ocelot API Gateway. Protect our ASP.NET Web MVC and API applications with using OAuth 2 and OpenID Connect in IdentityServer4. Securing your web application and API with tokens, working with claims, authentication and authorization middlewares and applying policies.","archived":false,"fork":false,"pushed_at":"2025-04-04T09:52:48.000Z","size":1104,"stargazers_count":240,"open_issues_count":5,"forks_count":155,"subscribers_count":8,"default_branch":"master","last_synced_at":"2025-04-22T23:34:34.581Z","etag":null,"topics":["aspnet","aspnetcore","identityserver4","microservices","oauth2","ocelot-gateway","openid-connect","security"],"latest_commit_sha":null,"homepage":"https://www.udemy.com/course/secure-net-microservices-with-identityserver4-oauth2openid/?couponCode=APRI25","language":"SCSS","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/aspnetrun.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2020-11-02T11:34:09.000Z","updated_at":"2025-04-04T09:52:52.000Z","dependencies_parsed_at":"2025-04-04T10:39:54.567Z","dependency_job_id":null,"html_url":"https://github.com/aspnetrun/run-aspnet-identityserver4","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/aspnetrun/run-aspnet-identityserver4","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/aspnetrun%2Frun-aspnet-identityserver4","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/aspnetrun%2Frun-aspnet-identityserver4/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/aspnetrun%2Frun-aspnet-identityserver4/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/aspnetrun%2Frun-aspnet-identityserver4/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/aspnetrun","download_url":"https://codeload.github.com/aspnetrun/run-aspnet-identityserver4/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/aspnetrun%2Frun-aspnet-identityserver4/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28749285,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-25T07:58:02.558Z","status":"ssl_error","status_checked_at":"2026-01-25T07:57:57.153Z","response_time":113,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aspnet","aspnetcore","identityserver4","microservices","oauth2","ocelot-gateway","openid-connect","security"],"created_at":"2025-04-22T23:27:14.437Z","updated_at":"2026-01-25T08:31:07.195Z","avatar_url":"https://github.com/aspnetrun.png","language":"SCSS","funding_links":[],"categories":["Architectural Patterns"],"sub_categories":["Microservices"],"readme":"# Securing Microservices with IdentityServer4, OAuth2 and OpenID Connect fronted by Ocelot API Gateway\n\n**UDEMY COURSE WITH DISCOUNTED - Step by Step Development of this repository -\u003e https://www.udemy.com/course/secure-net-microservices-with-identityserver4-oauth2openid/?couponCode=APRI25**\n\n**Check Explanation of this Repository on Medium -\u003e https://medium.com/@mehmetozkaya/securing-microservices-with-identityserver4-with-oauth2-and-openid-connect-fronted-by-ocelot-api-49ea44a0cf9e**\n\n### Overall Picture\nSee the overall picture of **implementations on secure microservices with using standalone Identity Server 4 and backing with Ocelot API Gateway** on real-world **e-commerce microservices** project;\n\n![Securing Microservices with IS4](https://user-images.githubusercontent.com/1147445/97865031-9a4c9f00-1d1a-11eb-8dee-80fc600decfa.png)\n\nIn this repository, you will see that how to secure microservices with using **standalone Identity Server 4** and backing with **Ocelot API Gateway**. We’re going to protect our ASP.NET Web MVC and API applications with using **OAuth 2 and OpenID Connect** in IdentityServer4. Securing your web application and API with tokens, working with claims, authentication and authorization middlewares and applying policies, and so on.\n\n![Overall Picture of Repository](https://user-images.githubusercontent.com/1147445/97865027-991b7200-1d1a-11eb-927e-3f5580a7f5b5.png)\n\n### Movies.API\nFirst of all, we are going to develop **Movies.API** project and protect this API resources with **IdentityServer4 OAuth 2.0 implementation**. Generate **JWT Token** with client_credentials from IdentityServer4 and will use this token for securing Movies.API protected resources.\n\n### Movies.MVC\nAfter that, we are going to develop Movies.MVC Asp.Net project for Interactive Client of our application. This Interactive Movies.MVC Client application will be secured with OpenID Connect in IdentityServer4. Our client application pass credentials with logging to an Identity Server and receive back a JSON Web Token (JWT).\n\n### Identity Server\nAlso, we are going to develop centralized standalone **Authentication Server** and **Identity Provider** with implementing IdentityServer4 package and the name of microservice is Identity Server.\nIdentity Server4 is an open source framework which implements **OpenId Connect and OAuth2 protocols** for .Net Core.\nWith Identity Server, we can provide authentication and access control for our web applications or Web APIs from a single point between applications or on a user basis.\n\n### Ocelot API Gateway\nLastly, we are going to develop **Ocelot API Gateway** and make secure protected API resources over the Ocelot API Gateway with transferring **JWT web tokens**.\nOnce the client has a bearer token it will call the API endpoint which is fronted by Ocelot. Ocelot is working as a reverse proxy.\nAfter Ocelot reroutes the request to the internal API, it will present the token to Identity Server in the **authorization pipeline**. If the client is authorized the request will be processed and a list of movies will be sent back to the client.\n\nAlso over these picture, we have also apply the **claim based authentications**.\n\n## Installation\nFollow these steps to get your development environment set up:\n1. Check All projects run profiles. One by one Right Click the project file, open Properties window and check the debug section. Launch Profile should be the \"Project\" and App URLs should be the same as big picture.\n2. For all projects, one by one, Set a Startup project and see the Run profile on the Run button. Change the default running profile to IIS Express to Project name.\n3. Multiple startup projects. Right click the solution, open Properties, and set Multiple startup project and Start all 4 application click apply and ok.\n4. Now you can run the overall application with Click Start button or F5.\nYou will see 4 project console window and 1 chrome window for client application.\n\n* **Movies.Client -\u003e https://localhost:5002/**\n\nCheck the application with logging the system with below credentials;\n\n* **username - password 1 : alice - a1**\n* **username - password 2 : bob - b1**\n\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Faspnetrun%2Frun-aspnet-identityserver4","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Faspnetrun%2Frun-aspnet-identityserver4","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Faspnetrun%2Frun-aspnet-identityserver4/lists"}