Comments (4)
I love the new key management functionality, and I am right now working through how to connect that to a KeyVault using the ISigningKeyStore. I haven't been able to find an elegant way to use the KeyVaults certificate functionality, so I am building my solution to just store the SerializedKey as a secret in the KeyVault.
from samples.
I haven't been able to find an elegant way to use the KeyVaults certificate functionality, so I am building my solution to just store the SerializedKey as a secret in the KeyVault.
Yep, that's how you'd do that integration. The key management is not designed to outsource the key generation itself.
from samples.
I haven't been able to find an elegant way to use the KeyVaults certificate functionality, so I am building my solution to just store the SerializedKey as a secret in the KeyVault.
Yep, that's how you'd do that integration. The key management is not designed to outsource the key generation itself.
Good to know, thanks!
Are you considering a future upgrade to allow outsourcing? It would be an enhancement that my security department would appreciate, so they have more control.
from samples.
Are you considering a future upgrade to allow outsourcing?
In that case, I think you'd disable our key management and instead replace the ITokenService. We have had customers do this when they wanted their signing done inside the firewall when their IdentityServer was in the DMZ (if I recall correctly).
from samples.
Related Issues (20)
- Update StepUp Sample once IS 6.3 is released
- Angular Sample
- StopTheHost exception gaurds in EF quickstarts
- DPoP Samples HOT 1
- DCR Samples for 6.3
- BFF sample to show notifications on back-channel logout HOT 4
- BFF Sample to use check session endpoint
- Look into OWIN sample build/NuGet issue
- DPoP and BFF sample HOT 1
- In the nuget package manager the Duende.IdentityServer package are not supported in ASP.NET Web Application (.NET Framework) 4.8 MVC
- Show how to handle errors in .NET clients
- Get user claims in User Interaction Sample HOT 1
- Dynamic provider sample to handle IdPs that don't support SLO
- Sample for API step up
- BFF w/ Server Side sessions
- Can bff/user return the user avatar address? HOT 4
- BFF Sample with separate front-end and back-end
- JS client with session expiration popup
- Server-side sessions vs. older MvcHybridBackChannel sample HOT 6
- Grace period for reusing consumed refresh tokens HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from samples.