top of page
OpenID Connect

Securing ASP.NET using OpenID Connect and IdentityServer

Today we are facing many authentication and authorization challenges regarding designing and developing modern applications. The requirements are more challenging than ever, especially when we need to support everything from mobile and SPA applications to micro-services in the cloud.

OpenID Connect is the de-facto standard that we should use for handling authentication and authorization in modern applications today, but at the same time it can be very confusing with all the various concepts, including: scopes, claims, flows, resources and tokens.

You can always use external services to manage users and their rights, but for those who want to manage this themselves, IdentityServer is a popular alternative. IdentityServer is an open-source framework for you who want to build your own identity service. In the course we mainly use IdentityServer, but we also look at how to use external services.

What you will learn

  • How OAuth and OpenID Connect works in detail

  • How to setup your own instance of IdentityServer

  • How to secure your ASP.NET Core applications using OpenID Connect and IdentityServer


When we go through these things, we will not just configure various magic libraries; instead we will take a look under the hood of OpenID Connect and IdentityServer to really understand what makes them tick.

In this course we use Visual Studio 2019, the latest ASP.NET Core 3 and IdentityServer 4. After you take this course, we highly recommend our course Web-Security for developers.

We recommend that you have a good computer that can run multiple instances of Visual Studio and at least one big monitor.

After this course, we recommend that you take a look at the course IdentityServer in Production where we will teach you how to create a real production ready setup of IdentityServer.

This course contains a lot of hands-on practical exercises where you will learn how to work with OpenID-Connect and the latest version of Duende IdentityServer.

Course content

  • OAuth 2.1 / OpenID Connect

  • Certificates and HTTPS

  • Token Services

  • Duende Identity Server v5.x

  • JSON Web Tokens (JWT)

  • Scopes and claims

    • Identity Resources

    • API Resources

    • APIScopes

  • Securing the tokens

  • Cross-Origin Resource Sharing (CORS)

  • Flows

    • Implicit flow

    • Authorization Code Flow

    • Client Credentials flow

  • Proof Key for Code Exchange (PKCE)

  • External identity providers

  • Application types:

    • Web applications

    • SPA and Mobile applications

    • Server to Server communication

  • ASP.NET Core

    • Authentication

    • Data Protection API

    • Cookie authentication

    • Authorization

    • OpenID Connect

    • Claims transformation

  • And much more...

Target audience

ASP.NET Core developers who wants to learn the fundamentals of OpenID-Connect and how to protect your applications using the latest version of IdentityServer. If you are using version 4.x of IdentityServer, then this course is still very relevant as most things in this course are the same.


Basic knowledge of

  • ASP.NET Core (e.g our course Beginning ASP.NET Core)

  • C# (LINQ / Lambda…)

  • The http(s)-protocol and how the web works in general.

  • HTML 

In this course we use Visual Studio 2019, the latest ASP.NET Core 3 and IdentityServer 4.

After you take this course, we highly recommend our course IdentityServer in Production


Trainer Tore Nestenius

25 900 SEK ex moms


- The course is given remote or in classroom
- Contact us for upcoming courses
- If you are a team there is an opportunity for content adaptation based on your needs

Duration: 3 days, or 6 half days             

Level: Beginning

Language: Master                

Course code: T228

OpenID Connct - intresseanmälan


Very informative which I recommend! Well-prepared exercises that made it possible to focus on the pieces presented before, and the teacher was very knowledgeable and pedagogical.


Very good and rewarding. I think I have more on my feet now to continue.


The course provided a good foundation that we can directly build on in what we are developing right now


Colleague recommended Edument and I would recommend the course further!


bottom of page