Early Preview

This is currently very much a preview. Please feel free to try things out, but don't be upset if anything is not yet working. Feedback is welcome over on our GitHub Dicussions page.

Duende.IdentityModel

OpenID Connect & OAuth 2.0 client library

Author Duende Software
Version 8.1.0
Tags OAuth2 OAuth 2.0 OpenID Connect Security Identity IdentityServer

Public Types

Duende.​IdentityModel

class ClaimComparer
Compares two instances of Claim
class CryptoRandom
A class that mimics the standard Random class in the .NET Framework - but uses a random number generator internally.
class Identity
Helpers to create ClaimsIdentity
class JwtClaimTypes
Commonly used claim types
class OidcConstants
class Principal
Helper class to create ClaimsPrincipal
class StringExtensions
Extensions for strings
class TimeConstantComparer
Helper class to do equality checks without leaking timing information
class X509
class X509CertificatesFinder
class X509CertificatesLocation
class X509CertificatesName

Duende.​IdentityModel.​Client

class AuthorityUrlValidationStrategy
<para>Implementation of <see cref="T:Duende.IdentityModel.Client.IAuthorityValidationStrategy" /> based on <see cref="T:System.Uri" /> equality. Trailing slash is also ignored.</para>
struct AuthorityValidationResult
class AuthorizationCodeTokenRequest
Request for token using authorization_code
class AuthorizationHeaderExtensions
Extensions for HttpRequestMessage
class AuthorizeResponse
Models the response of an authorize request
class BackchannelAuthenticationRequest
Request for CIBA backchannel authentication
class BackchannelAuthenticationResponse
Models a CIBA backchannel authentication response
class BackchannelAuthenticationTokenRequest
Request for token using urn:openid:params:grant-type:ciba grant type
enum BasicAuthenticationHeaderStyle
Enum for specifying then encoding style of the basic authentication header
class BasicAuthenticationHeaderValue
HTTP Basic Authentication authorization header
class BasicAuthenticationOAuthHeaderValue
HTTP Basic Authentication authorization header for RFC6749 client authentication
class ClientAssertion
Models a client assertion
class ClientCredentialsTokenRequest
Request for token using client_credentials
enum ClientCredentialStyle
Specifies how the client will transmit client ID and secret
class ClientOptions
Base-class protocol client options
class DeviceAuthorizationRequest
Request for device authorization
class DeviceAuthorizationResponse
Models an OAuth device authorization response
class DeviceTokenRequest
Request for token using urn:ietf:params:oauth:grant-type:device_code
class DiscoveryCache
Helper for caching discovery documents.
class DiscoveryDocumentRequest
Request for OpenID Connect discovery document
class DiscoveryDocumentResponse
Represents the response from an OpenID Connect discovery endpoint.
class DiscoveryEndpoint
Represents a discovery endpoint URL parsed into its authority and discovery endpoint components. This is commonly used to resolve URLs for OpenID Connect or OAuth2 discovery documents.
class DiscoveryPolicy
Security policy for retrieving a discovery document
class DynamicClientRegistrationDocument
Models an OpenID Connect dynamic client registration request.
class DynamicClientRegistrationRequest
Request for dynamic client registration
class DynamicClientRegistrationResponse
Models an OpenID Connect dynamic client registration response
class HttpClientBackchannelAuthenticationExtensions
HttpClient extensions CIBA backchannel authentication
class HttpClientDeviceFlowExtensions
HttpClient extensions for OIDC userinfo
class HttpClientDiscoveryExtensions
HttpClient extentions for OIDC discovery
class HttpClientDynamicRegistrationExtensions
HttpClient extensions for dynamic registration
class HttpClientJsonWebKeySetExtensions
HttpClient extensions for OIDC discovery
class HttpClientPushedAuthorizationExtensions
HttpClient extensions for OIDC discovery
class HttpClientTokenIntrospectionExtensions
HttpClient extensions for OAuth token introspection
class HttpClientTokenRequestExtensions
HttpClient extensions for OAuth token requests
class HttpClientTokenRevocationExtensions
HttpClient extensions for OAuth token revocation
class HttpClientUserInfoExtensions
HttpClient extensions for OIDC userinfo
interface IAuthorityValidationStrategy
Authority validation strategy.
interface IDiscoveryCache
Interface for discovery cache
class IntrospectionClient
Client library for the OAuth 2 introspection endpoint
class IntrospectionClientOptions
Options for IntrospectionClient
class JsonElementExtensions
Extensions for JObject
class JsonWebKeySetRequest
Request for JSON web key set document
class JsonWebKeySetResponse
Models a response from a JWK endpoint
class MtlsEndpointAliases
Represents aliases for mutual TLS (mTLS) endpoints in an OpenID Connect discovery document. Provides access to specific mTLS-based endpoints such as token, revocation, and device authorization endpoints.
enum ParameterReplaceBehavior
Specifies how parameter in the collection get replaced (or not).
class Parameters
Models a list of request parameters
class PasswordTokenRequest
Request for token using password
class ProtocolRequest
Models a base OAuth/OIDC request with client credentials
class ProtocolRequestOptions
Well-known <see cref="T:System.Net.Http.HttpRequestOptionsKey`1" /> keys used by Duende IdentityModel when passing data through handler chains.
class ProtocolResponse
A protocol response
class PushedAuthorizationRequest
Models the parameters that can be pushed in a Pushed Authorization Request.
class PushedAuthorizationResponse
Models the response from a Pushed Authorization Request
class RefreshTokenRequest
Request for token using refresh_token
class RequestUrl
Helper class for creating request URLs
class RequestUrlExtensions
Extensions for RequestUrl
enum ResponseErrorType
Various reasons for a protocol endpoint error
enum ResponseFormat
Specifies the format of the token introspection response.
class StringComparisonAuthorityValidationStrategy
Implementation of <see cref="T:Duende.IdentityModel.Client.IAuthorityValidationStrategy" /> based on <see cref="T:System.StringComparison" /> .
class TokenClient
Client library for the OpenID Connect / OAuth 2 token endpoint
class TokenClientOptions
Options for TokenClient
class TokenExchangeTokenRequest
Request for token using urn:ietf:params:oauth:grant-type:token-exchange
class TokenIntrospectionRequest
Request for OAuth token introspection
class TokenIntrospectionResponse
Models an OAuth 2.0 introspection response as defined by <a href="https://datatracker.ietf.org/doc/html/rfc7662">RFC 7662 - OAuth 2.0 Token Introspection</a>
class TokenRequest
Request for token
class TokenResponse
Models a response from an OpenID Connect/OAuth 2 token endpoint
class TokenRevocationRequest
Request for OAuth token revocation
class TokenRevocationResponse
Models an OAuth 2.0 token revocation response
class UserInfoRequest
Request for OIDC userinfo
class UserInfoResponse
Models an OpenID Connect userinfo response

Duende.​IdentityModel.​Internal

class TaskHelpers
Helpers to deal with tasks.

Duende.​IdentityModel.​Jwk

class JsonWebAlgorithmsKeyTypes
Constants for JsonWebAlgorithms "kty" Key Type (sec 6.1) http://tools.ietf.org/html/rfc7518#section-6.1
class JsonWebKey
Represents a Json Web Key as defined in http://tools.ietf.org/html/rfc7517.
class JsonWebKeyExtensions
Extensions for JsonWebKey
class JsonWebKeyParameterNames
Names for Json Web Key Values
class JsonWebKeySet
Contains a collection of <see cref="T:Duende.IdentityModel.Jwk.JsonWebKey" /> that can be populated from a json string.

Duende.​IdentityModel.​Validation

interface ITokenIntrospectionJwtResponseValidator