Integration with custom Identity Provider

Hi,

I am currently trying to implement Single Sign On (SSO) for different web applications I built. Thinktecture.IdentityServer3 seems to be a good fit. It works perfectly when I follow the tutorials with WebApi (http://identityserver.github.io/Documentation/docs/overview/mvcGettingStarted.html) but what I want in the end is to work with ServiceStack. I couldn’t find any useful resources on the integration with Thinktecture at this moment. Can you point me to some sample projects? I am not sure if ServiceStack has its own SSO implementation or Identity Provider. I don’t mind using the ServiceStack Identity Provider if that’s the case.


I don’t know of any example that uses IdentityServer3 with ServiceStack. ServiceStack doesn’t have a specific solution for SSO, but if all your websites share the same distributed caching provider then the same Session Ids can be used in each website, which will be able to access the same authenticated session.

Otherwise someone recently published a Stateless Authentication example that uses JWT, which I’m assuming will support SSO if all web servers share the same backend RavenDB Datastore (hopefully it wouldn’t take too much effort to change the DataStore).
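The shared caching provider setup described in the reply above, as an added example that is not part of the original thread or ServiceStack's own sample code. It assumes a Redis instance at a placeholder address, a hypothetical `HelloService` class, and that all sites are served from hosts to which the browser sends the same `ss-id`/`ss-pid` session cookies.

```csharp
using Funq;
using ServiceStack;
using ServiceStack.Auth;
using ServiceStack.Caching;
using ServiceStack.Redis;

// Hypothetical service, present only so the AppHost has an assembly to scan.
public class HelloService : Service { }

// Every site that should share logins uses the same Configure() body.
public class AppHost : AppHostBase
{
    public AppHost() : base("Site A", typeof(HelloService).Assembly) { }

    public override void Configure(Container container)
    {
        // Placeholder address (assumption): all sites must point at the
        // same Redis instance, and it should only be reachable by them.
        container.Register<IRedisClientsManager>(
            c => new RedisManagerPool("redis.internal.example:6379"));

        // ServiceStack stores sessions through the registered ICacheClient.
        // Without this registration each site keeps sessions in its own
        // process memory and a Session Id from one site is unknown to another.
        container.Register<ICacheClient>(
            c => c.Resolve<IRedisClientsManager>().GetCacheClient());

        // Shared user store so every site validates the same credentials.
        container.Register<IAuthRepository>(
            c => new RedisAuthRepository(c.Resolve<IRedisClientsManager>()));

        Plugins.Add(new AuthFeature(
            () => new AuthUserSession(),
            new IAuthProvider[] { new CredentialsAuthProvider() }));
    }
}
```

Anything that can read or write this cache can read or forge sessions for every site, so the Redis instance needs the same access controls as the user database.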

Thanks for your reply. I am thinking OpenId and OAuth2 should be a better choice at this moment considering it is a standard nowadays. ServiceStack has already worked with Google, Facebook and Twitter OpenId. I am not sure if Thinktecture could be part of your future development. After all, there aren’t many Identity Providers we can choose from as .Net developers. Thinktecture is the only choice left as far as I know.

I have tried the custom OpenId example by following the link https://github.com/ServiceStack/ServiceStack/wiki/OpenId but it doesn’t work. I am not sure which part causes the error and I have yet to find out. Perhaps a full example for custom OpenId with our own IdentityProvider like Thinktecture will also help. There are several grant types for OAuth2 to be configured. Can you suggest a link for that on ServiceStack?

Thanks.

Another option you may want to consider is Auth0, since they’re a company that’s built around providing authentication services, so they might do what you need out of the box. They have an example on using Auth0 with ServiceStack at: https://auth0.com/docs/server-platforms/servicestack (their pricing is at: https://auth0.com/pricing)

You can configure scopes with your OAuth2Provider by specifying them in Web.Config appSettings, e.g:

<add key="oauth.LinkedIn.scopes" value="r_emailaddress r_fullprofile r_basicprofile" />

or if you prefer you can set them in code, e.g:

new LinkedInOAuth2Provider(appSettings) { 
    Scopes = new[] { "r_emailaddress", "r_fullprofile" } 
}

Thanks. I don’t think I will use a 3rd party Identity Provider at this point because it is a commercial product based solution. Most of the time customers are buying the on-premises package and they don’t want their information to be exposed to a third party. Now the applications I want to link are using different kinds of technologies, mostly Web Forms and MVC, and the new development is using ServiceStack. I have no problem integrating with Web Forms and MVC but encounter some issues with the ServiceStack integration. I will try to find more details about the reason why Thinktecture OpenId doesn’t work with SS; maybe it is my fault for not studying thoroughly. But I sincerely hope the SS team will consider integrating Thinktecture in SS. SSO is so important nowadays and authentication is a tough topic which developers can easily get wrong, and the outcome is a disaster. Just my 2 cents.


Hi,

I find the problem may lie in the OpenIdConnect support. Does ServiceStack support OpenIdConnect instead of OpenId 2.0? Thanks.

No, there are no OpenIdConnect Auth Providers that I know of. You can find all the built-in Auth Providers in ServiceStack listed on the Authentication page.