top of page

IdentityServer in Production

This course continues where our popular course Securing ASP.NET using OpenID Connect and IdentityServer ended, with a clear focus on getting a complete IdentityServer architecture up and running in a real live production environment. You will learn how to avoid many of the pitfalls and gotchas involved when you start your deployment journey.

When we say that this course is about deploying to production, we really mean it. In this course we will deploy the services that we create to the public internet, using things like real TLS certificates and automatic build/deploy.

The solution that you will deploy live contains a client, an API and a fully-configured IdentityServer. We are especially proud that we don’t cheat or cut corners in this course. 

We will instead:

  • Store configuration data in separate configuration service

  • Log to a separate logging server for analytics and visualization

  • Use real HTTPS certificate

  • Creating our own signing keys

  • Use continuous deployment to deploy our services

This very hands-on course contains an extensive set of exercises that will take you through all the steps involved to create a successful identity solution.

Course details

We recommend that you have a good laptop that can run multiple instances of Visual Studio and at least one big monitor for optimal course experience.

  • In this course we use the latest Visual Studio 2019, ASP.NET Core 3.x and IdentityServer4 version 4.x

  • All course materials are written in English 

  • The course can be taught in either Swedish or English

  • Even though the course deals with the cloud and containers, it is not the focus of this course and no cloud/container experience is needed

Course content

  • Configuration

  • HTTPS certificates

  • Security

  • Logging

  • Duende IdentityServer v5.x

  • Error action

  • Securing the client

  • Data Protection API

  • Public / Private key encryption

  • Keys, Certificates and PKCS 12 files

  • Creating JWT Token signing keys using OpenSSL

  • Token Signing keys

  • IdentityServer and the database

  • User management

  • Tokens and claims

  • Securing the API

  • Consuming the API

  • Refresh tokens

  • Extending IdentityServer

  • Performance and service resiliency

  • Troubleshooting IdentityServer

And much more… 

Target audience

Developers who want to learn step-by-step how to deploy an IdentityServer solution to the public internet in a secure way. If you are using version 4.x of IdentityServer, then this course is still very relevant as most concepts in this course are the same between version 4.x and 5.x that we use in this course.


  • A basic understanding of OAuth, OpenID-Connect, IdentityServer and ASP.NET Core, similar to what is covered in the Securing ASP.NET using OpenID Connect and IdentityServer course

  • Good C# skills

  • Very basic Git version control skills

Tore Nestenius

Trainer Tore Nestenius

25 900 SEK ex moms 


Duration: 4 half days             

Level: Beginning

Language: English/Swedish                

Course code: T339

The course is given on request


Highly recommend the course!


Very good! If you want to know how IdentityServer really works in depth, this is the right course!


bottom of page