{"id":640,"date":"2022-02-13T21:08:46","date_gmt":"2022-02-13T21:08:46","guid":{"rendered":"https:\/\/okankaradag.com\/?p=640"},"modified":"2022-02-13T21:09:41","modified_gmt":"2022-02-13T21:09:41","slug":"identityserver-ve-kullandigi-teknolojiler","status":"publish","type":"post","link":"https:\/\/okankaradag.com\/en\/asp-net\/identityserver-ve-kullandigi-teknolojiler","title":{"rendered":"Duende IdentityServer, OAuth and OpenId"},"content":{"rendered":"

We will examine IdentityServer that is asp.net framework and will look OAuth 2.0 and OpenId Connect. We'll also look Authentication, Authorize and Token that we need to known for create secure app.<\/p>\n\n\n\n

Authentication <\/h5>\n\n\n\n

Authentication is the process of verifying identity. If the user's username and password are correct, Server permission access to the resource.<\/p>\n\n\n\n

Authorization<\/h5>\n\n\n\n

Authorization is access permission to spesific resource. Such as we have a api and this api have endpoint named product\/getall and only users with admin role can access. When we send request this address, firstly server check authetication state, redirect login page if no user logged in. if user logged in, server check user's roles, got access page if it has admin role. Otherwise return 401 unauthorized.
see : Asp.Net Core Rol Bazl\u0131 Kimlik Do\u011frulama<\/a><\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n
Token<\/h5>\n\n\n\n

Sisteme ba\u015far\u0131yla giri\u015f yap\u0131ld\u0131ktan sonra sunucu taraf\u0131ndan verilir ve kaynaklara eri\u015firken bize verilen bu tokeni kullan\u0131r\u0131z. En bilineni JSON Web Tokendir <\/strong>(JWT) Daha detayl\u0131 bakmak i\u00e7in \u015fu linke bakabilirsiniz What is Json Web Token (JWT)? How to use in .Net Core (5.0)<\/a><\/p>\n\n\n\n

IdentityServer Nedir? Ne \u0130\u015fe yarar?<\/h5>\n\n\n\n

Duende \u015firketi taraf\u0131ndan geli\u015ftirilen OpenId Connect ve OAuth 2.0 protokol\u00fcn\u00fc kullanarak eri\u015fim ve kimlik y\u00f6netimi sa\u011flayan bir asp.net framework\u00fcd\u00fcr. IdentityServer, en son IdentityServer4 olarak \u00e7\u0131kt\u0131ktan sonra bir \u015firkete d\u00f6n\u00fc\u015ft\u00fc ve framework\u00fcn ismi Duende IdentityServer<\/a> oldu. IdentityServer4’\u00fcn deste\u011fi 2022 bitimiyle son bulacak. v5 versiyonu Ocak 2021’de v6 versiyonu ise Ocak 2022’de yay\u0131nland\u0131, en son \u00e7\u0131kan v6 versiyonunu kullanmak daha mant\u0131kl\u0131.<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

IdentityServer merkezi login (SSO) sistemlerini g\u00fcvenli bir \u015fekilde y\u00f6netebilmeye imkan sa\u011flar. OpenId Connect <\/strong>ve OAuth <\/strong>terimlerinden de bahsedelim<\/p>\n\n\n\n

OAuth 2.0 ve Single Sign On (SSO)<\/h5>\n\n\n\n

A\u00e7\u0131k standartl\u0131 bir authorization <\/strong>protokol\u00fcd\u00fcr. \u015eifrenizi payla\u015fmadan 3. parti uygulamalara eri\u015fmenizi sa\u011flar. \u00d6rne\u011fin trendyol.com a giri\u015f i\u00e7in facebook ile giri\u015f yapmay\u0131 tercih ettiniz bu durumda facebook.comr\/oauth?redirect_uri=https:\/\/www.trendyol.com&client_id=””<\/strong> …. gibi bilgilerle bir y\u00f6nlendirme yapacak. Facebook hesab\u0131n\u0131za giri\u015f yapm\u0131\u015f iseniz yetkilendirme i\u00e7in size soru soracakt\u0131r sizde kabul ederseniz ba\u015far\u0131l\u0131 bir \u015fekilde trendyol.coma y\u00f6nlendirilmi\u015f olacaks\u0131n\u0131z b\u00f6ylece trendyolun \u00e7\u00f6kmesi\/ hacklenmesi durumunda \u015fifreniz a\u00e7\u0131\u011fa \u00e7\u0131kmayacakt\u0131r. Bu sadece google, facebook<\/strong> gibi i\u00e7in de\u011fil kendi merkezi sisteminizi de bunun \u00fcst\u00fcne in\u015fa edebilirsiniz. \u00d6rne\u011fin birden \u00e7ok \u00fcr\u00fcn\u00fcn\u00fcz olsun. Bir e ticaret siteniz ve bir de oto kiralama servisiniz, bu durumda kullan\u0131c\u0131lar\u0131 tek bir yerden y\u00f6netmek isteriz kullan\u0131c\u0131lar\u0131n \u015fifresini ve temel bilgilerini tutaca\u011f\u0131m\u0131z bir user service ile di\u011fer \u00fcr\u00fcnlerimiz buradan login <\/strong>olabilir yeni bir \u00fcr\u00fcn ekledi\u011fimizde de basit\u00e7e entagrasyonunu yapm\u0131\u015f oluruz.<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n
OpenId Connect<\/h5>\n\n\n\n

OAuth 2.0 \u00fczerine in\u015fa edilmi\u015f bir authentacion katman\u0131d\u0131r. Oauth 2.0 sadece yetkilendirme yapar OpenId ile de giri\u015f yapmas\u0131 ya da kay\u0131t olmas\u0131 sa\u011flan\u0131r. Yukar\u0131daki \u00f6rnekte Oauth 2.0 ile facebooktan ad, soyad, profil resmi gibi baz\u0131 yetkiler istedik. Login olma i\u015flemini ise OpenId Connect sa\u011flar. OpenId Connect zaten OAuth i\u00e7in \u00e7\u0131km\u0131\u015f olan bir protokold\u00fcr birbirleriyle uyumlu \u00e7al\u0131\u015f\u0131rlar.<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n
Sonu\u00e7<\/h5>\n\n\n\n

IdentityServer birden \u00e7ok clientlar\u0131n\u0131z\u0131 tek bir yerden g\u00fcvenli bir \u015fekilde ortaya \u00e7\u0131km\u0131\u015ft\u0131r. Basit bir uygulaman\u0131z var ve sadece tek bir client\u0131n\u0131z var ise identityserver bu nokta da gereksiz olur.
Birden \u00e7ok uygulamalar\u0131n\u0131z\u0131n g\u00fcvenli\u011fi i\u00e7in ideal bir frameworkd\u00fcr.<\/p>","protected":false},"excerpt":{"rendered":"

We're going to look at Duende IdentityServer. For all that look Oauth 2.0, OpenId Connect, Authentication, Authorize and Token.<\/p>","protected":false},"author":1,"featured_media":651,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[91,87,22],"tags":[27,93,25,48],"yoast_head":"\nDuende IdentityServer ve Kulland\u0131\u011f\u0131 Teknolojiler Nedir? - Okan Karada\u011f<\/title>\n<meta name=\"description\" content=\"Asp.net framework\u00fc olan Duende IdentityServer \u00fczerinde OAuth 2.0 protokol\u00fc, OpenId Connect, Authentication, Authorize ve Token gibi kavramlara da bakaca\u011f\u0131z\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/okankaradag.com\/en\/asp-net\/identityserver-ve-kullandigi-teknolojiler\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Duende IdentityServer ve Kulland\u0131\u011f\u0131 Teknolojiler Nedir? - Okan Karada\u011f\" \/>\n<meta property=\"og:description\" content=\"Asp.net framework\u00fc olan Duende IdentityServer \u00fczerinde OAuth 2.0 protokol\u00fc, OpenId Connect, Authentication, Authorize ve Token gibi kavramlara da bakaca\u011f\u0131z\" \/>\n<meta property=\"og:url\" content=\"https:\/\/okankaradag.com\/en\/asp-net\/identityserver-ve-kullandigi-teknolojiler\/\" \/>\n<meta property=\"og:site_name\" content=\"Okan Karada\u011f\" \/>\n<meta property=\"article:published_time\" content=\"2022-02-13T21:08:46+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-02-13T21:09:41+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/okankaradag.com\/wp-content\/uploads\/2022\/02\/qtq80-YTH1t9-e1644785937474.jpeg\" \/>\n\t<meta property=\"og:image:width\" content=\"1024\" \/>\n\t<meta property=\"og:image:height\" content=\"691\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Okan Karada\u011f\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Okan Karada\u011f\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/okankaradag.com\/asp-net\/identityserver-ve-kullandigi-teknolojiler#article\",\"isPartOf\":{\"@id\":\"https:\/\/okankaradag.com\/asp-net\/identityserver-ve-kullandigi-teknolojiler\"},\"author\":{\"name\":\"Okan Karada\u011f\",\"@id\":\"https:\/\/okankaradag.com\/#\/schema\/person\/0196919c5e3b6a496101ded872640d52\"},\"headline\":\"Duende IdentityServer ve Kulland\u0131\u011f\u0131 Teknolojiler Nedir?\",\"datePublished\":\"2022-02-13T21:08:46+00:00\",\"dateModified\":\"2022-02-13T21:09:41+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/okankaradag.com\/asp-net\/identityserver-ve-kullandigi-teknolojiler\"},\"wordCount\":629,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/okankaradag.com\/#\/schema\/person\/0196919c5e3b6a496101ded872640d52\"},\"keywords\":[\"Asp.Net identity\",\"IdentityServer\",\"Oauth\",\"Role based Authorization\"],\"articleSection\":[\".Net\",\".Net 6.0\",\"Oauth\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/okankaradag.com\/asp-net\/identityserver-ve-kullandigi-teknolojiler#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/okankaradag.com\/asp-net\/identityserver-ve-kullandigi-teknolojiler\",\"url\":\"https:\/\/okankaradag.com\/asp-net\/identityserver-ve-kullandigi-teknolojiler\",\"name\":\"Duende IdentityServer ve Kulland\u0131\u011f\u0131 Teknolojiler Nedir? - Okan Karada\u011f\",\"isPartOf\":{\"@id\":\"https:\/\/okankaradag.com\/#website\"},\"datePublished\":\"2022-02-13T21:08:46+00:00\",\"dateModified\":\"2022-02-13T21:09:41+00:00\",\"description\":\"Asp.net framework\u00fc olan Duende IdentityServer \u00fczerinde OAuth 2.0 protokol\u00fc, OpenId Connect, Authentication, Authorize ve Token gibi kavramlara da bakaca\u011f\u0131z\",\"breadcrumb\":{\"@id\":\"https:\/\/okankaradag.com\/asp-net\/identityserver-ve-kullandigi-teknolojiler#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/okankaradag.com\/asp-net\/identityserver-ve-kullandigi-teknolojiler\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/okankaradag.com\/asp-net\/identityserver-ve-kullandigi-teknolojiler#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/okankaradag.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Duende IdentityServer ve Kulland\u0131\u011f\u0131 Teknolojiler Nedir?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/okankaradag.com\/#website\",\"url\":\"https:\/\/okankaradag.com\/\",\"name\":\"Okan Karada\u011f\",\"description\":\"Programlama \u00dczerine\",\"publisher\":{\"@id\":\"https:\/\/okankaradag.com\/#\/schema\/person\/0196919c5e3b6a496101ded872640d52\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/okankaradag.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":[\"Person\",\"Organization\"],\"@id\":\"https:\/\/okankaradag.com\/#\/schema\/person\/0196919c5e3b6a496101ded872640d52\",\"name\":\"Okan Karada\u011f\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/okankaradag.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/ca08a5537d7e304914c37189abedd2a1?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/ca08a5537d7e304914c37189abedd2a1?s=96&d=mm&r=g\",\"caption\":\"Okan Karada\u011f\"},\"logo\":{\"@id\":\"https:\/\/okankaradag.com\/#\/schema\/person\/image\/\"},\"sameAs\":[\"https:\/\/okankaradag.com\"],\"url\":\"https:\/\/okankaradag.com\/en\/author\/admin\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Duende IdentityServer ve Kulland\u0131\u011f\u0131 Teknolojiler Nedir? - Okan Karada\u011f","description":"Asp.net framework\u00fc olan Duende IdentityServer \u00fczerinde OAuth 2.0 protokol\u00fc, OpenId Connect, Authentication, Authorize ve Token gibi kavramlara da bakaca\u011f\u0131z","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/okankaradag.com\/en\/asp-net\/identityserver-ve-kullandigi-teknolojiler\/","og_locale":"en_US","og_type":"article","og_title":"Duende IdentityServer ve Kulland\u0131\u011f\u0131 Teknolojiler Nedir? - Okan Karada\u011f","og_description":"Asp.net framework\u00fc olan Duende IdentityServer \u00fczerinde OAuth 2.0 protokol\u00fc, OpenId Connect, Authentication, Authorize ve Token gibi kavramlara da bakaca\u011f\u0131z","og_url":"https:\/\/okankaradag.com\/en\/asp-net\/identityserver-ve-kullandigi-teknolojiler\/","og_site_name":"Okan Karada\u011f","article_published_time":"2022-02-13T21:08:46+00:00","article_modified_time":"2022-02-13T21:09:41+00:00","og_image":[{"width":1024,"height":691,"url":"https:\/\/okankaradag.com\/wp-content\/uploads\/2022\/02\/qtq80-YTH1t9-e1644785937474.jpeg","type":"image\/jpeg"}],"author":"Okan Karada\u011f","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Okan Karada\u011f","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/okankaradag.com\/asp-net\/identityserver-ve-kullandigi-teknolojiler#article","isPartOf":{"@id":"https:\/\/okankaradag.com\/asp-net\/identityserver-ve-kullandigi-teknolojiler"},"author":{"name":"Okan Karada\u011f","@id":"https:\/\/okankaradag.com\/#\/schema\/person\/0196919c5e3b6a496101ded872640d52"},"headline":"Duende IdentityServer ve Kulland\u0131\u011f\u0131 Teknolojiler Nedir?","datePublished":"2022-02-13T21:08:46+00:00","dateModified":"2022-02-13T21:09:41+00:00","mainEntityOfPage":{"@id":"https:\/\/okankaradag.com\/asp-net\/identityserver-ve-kullandigi-teknolojiler"},"wordCount":629,"commentCount":0,"publisher":{"@id":"https:\/\/okankaradag.com\/#\/schema\/person\/0196919c5e3b6a496101ded872640d52"},"keywords":["Asp.Net identity","IdentityServer","Oauth","Role based Authorization"],"articleSection":[".Net",".Net 6.0","Oauth"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/okankaradag.com\/asp-net\/identityserver-ve-kullandigi-teknolojiler#respond"]}]},{"@type":"WebPage","@id":"https:\/\/okankaradag.com\/asp-net\/identityserver-ve-kullandigi-teknolojiler","url":"https:\/\/okankaradag.com\/asp-net\/identityserver-ve-kullandigi-teknolojiler","name":"Duende IdentityServer ve Kulland\u0131\u011f\u0131 Teknolojiler Nedir? - Okan Karada\u011f","isPartOf":{"@id":"https:\/\/okankaradag.com\/#website"},"datePublished":"2022-02-13T21:08:46+00:00","dateModified":"2022-02-13T21:09:41+00:00","description":"Asp.net framework\u00fc olan Duende IdentityServer \u00fczerinde OAuth 2.0 protokol\u00fc, OpenId Connect, Authentication, Authorize ve Token gibi kavramlara da bakaca\u011f\u0131z","breadcrumb":{"@id":"https:\/\/okankaradag.com\/asp-net\/identityserver-ve-kullandigi-teknolojiler#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/okankaradag.com\/asp-net\/identityserver-ve-kullandigi-teknolojiler"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/okankaradag.com\/asp-net\/identityserver-ve-kullandigi-teknolojiler#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/okankaradag.com\/"},{"@type":"ListItem","position":2,"name":"Duende IdentityServer ve Kulland\u0131\u011f\u0131 Teknolojiler Nedir?"}]},{"@type":"WebSite","@id":"https:\/\/okankaradag.com\/#website","url":"https:\/\/okankaradag.com\/","name":"Okan Karada\u011f","description":"Programlama \u00dczerine","publisher":{"@id":"https:\/\/okankaradag.com\/#\/schema\/person\/0196919c5e3b6a496101ded872640d52"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/okankaradag.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":["Person","Organization"],"@id":"https:\/\/okankaradag.com\/#\/schema\/person\/0196919c5e3b6a496101ded872640d52","name":"Okan Karada\u011f","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/okankaradag.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/ca08a5537d7e304914c37189abedd2a1?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/ca08a5537d7e304914c37189abedd2a1?s=96&d=mm&r=g","caption":"Okan Karada\u011f"},"logo":{"@id":"https:\/\/okankaradag.com\/#\/schema\/person\/image\/"},"sameAs":["https:\/\/okankaradag.com"],"url":"https:\/\/okankaradag.com\/en\/author\/admin"}]}},"_links":{"self":[{"href":"https:\/\/okankaradag.com\/en\/wp-json\/wp\/v2\/posts\/640"}],"collection":[{"href":"https:\/\/okankaradag.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/okankaradag.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/okankaradag.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/okankaradag.com\/en\/wp-json\/wp\/v2\/comments?post=640"}],"version-history":[{"count":9,"href":"https:\/\/okankaradag.com\/en\/wp-json\/wp\/v2\/posts\/640\/revisions"}],"predecessor-version":[{"id":654,"href":"https:\/\/okankaradag.com\/en\/wp-json\/wp\/v2\/posts\/640\/revisions\/654"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/okankaradag.com\/en\/wp-json\/wp\/v2\/media\/651"}],"wp:attachment":[{"href":"https:\/\/okankaradag.com\/en\/wp-json\/wp\/v2\/media?parent=640"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/okankaradag.com\/en\/wp-json\/wp\/v2\/categories?post=640"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/okankaradag.com\/en\/wp-json\/wp\/v2\/tags?post=640"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}