-
|
I'm experienced with Duende IdentityServer, and it is a great choice for a microservices-based system. However, with all the new Identity APIs and Blazor Identity UI in .NET 8, I wonder if none of that ended up making sense for eShop. Identity.API seems to be all based on IdentityServer and the Blazor WebApp does not even provide any UI for authentication. Since there is pretty much no documentation (other than the diagram) about this project, could someone explain the Identity and Auth story around it? |
Beta Was this translation helpful? Give feedback.
Replies: 8 comments 1 reply
-
|
This is a port of eshop on containers and they haven’t changed anything around identity yet. |
Beta Was this translation helpful? Give feedback.
-
|
I wonder if there's actually any plan around moving from Duende IdentityServer to the new .NET 8 Identity APIs and UI. |
Beta Was this translation helpful? Give feedback.
-
|
Would be interested if they do, we are currently investigating implementing this with keycloak |
Beta Was this translation helpful? Give feedback.
-
|
Keycloak would be a great alternative to show. We didn't get a chance to invest in changing the identity part of this project as yet but that would be high on the list of options. |
Beta Was this translation helpful? Give feedback.
-
|
@davidfowl Thanks, would be great to get more guidance on the Identity related choices for eShop, since it's usually one of the more complex parts for folks figure out. |
Beta Was this translation helpful? Give feedback.
-
|
Going to convert this to a discussion for further chat |
Beta Was this translation helpful? Give feedback.
-
|
Frankly, after using identityserver4 for years, I do not plan to use either keycloak, openiddict or duende (due to the price), but if this eShop is managed with dotnet 8 identity server, I think it will be an inspiration to everyone. I know that the Duende project supports everyone being paid, but as an end user, I am not happy about it. |
Beta Was this translation helpful? Give feedback.
-
|
I'm all for paying for a service. But I think their pricing is crazy. But we have 30 tenants that we wanted to use a central auth server for. We were nearly making no money from the project our project. I don't mean profit. I mean we weren't charging anyone. and the auth service would be more than 1k a month. And we just needed something basic. I think they would have been better off charging 3 levels. $100. Small, $500 medium and $1000 for large teams. I would have gladly supported the project. Instead I landed up here looking for ab alternative. Also, I always anyone who asks against it because of the price. |
Beta Was this translation helpful? Give feedback.
-
|
I think in time we will move to keycloak for the idp. Using identity endpoints isn't ideal mostly because of the fact that each of the applications need to use the same data protection configuration (shared secrets). You can see an example here https://github.com/dotnet-presentations/eshop-app-workshop/blob/66226ea402e0d2cb60c52a3d893414e2947525b3/src/eShop.AppHost/Program.cs#L16-L17 |
Beta Was this translation helpful? Give feedback.
I think in time we will move to keycloak for the idp. Using identity endpoints isn't ideal mostly because of the fact that each of the applications need to use the same data protection configuration (shared secrets).
You can see an example here https://github.com/dotnet-presentations/eshop-app-workshop/blob/66226ea402e0d2cb60c52a3d893414e2947525b3/src/eShop.AppHost/Program.cs#L16-L17