πŸ”Identity API

Identity API

Following one of the basic concepts of microservices, we have broken identity out into a separate service that can be individually scaled as required and deployed to k8s.

The Identity API uses IdentityServer4 to maintain logins and generate tokens.

Key Notes

  • The service follows the OpenAPI Spec and REST standards.

  • The service is configured to run using the Kestrel server on port 1000.

  • The service exposes a health check at the /health and /healthz endpoints.

  • The service exposes a Swagger endpoint at /swagger only in the Development environment.

  • The service exposes metrics in Prometheus format at /metricstext (text-based) and /metrics (protobuf).

  • The service exposes the .well-known endpoint using IdentityServer4.

  • The service uses Dapr components.

  • The service uses SQL for identity-based data.

Identity Service (IdentityServer4)

This service is built using IdentityServer4, uses SQLite for the database, and is built using a code-first approach.

Well-known endpoint exposed by IdentityServer: https://localhost:5443/.well-known/openid-configuration
{
  "issuer": "https://localhost:5443",
  "jwks_uri": "https://localhost:5443/.well-known/openid-configuration/jwks",
  "authorization_endpoint": "https://localhost:5443/connect/authorize",
  "token_endpoint": "https://localhost:5443/connect/token",
  "userinfo_endpoint": "https://localhost:5443/connect/userinfo",
  "end_session_endpoint": "https://localhost:5443/connect/endsession",
  "check_session_iframe": "https://localhost:5443/connect/checksession",
  "revocation_endpoint": "https://localhost:5443/connect/revocation",
  "introspection_endpoint": "https://localhost:5443/connect/introspect",
  "device_authorization_endpoint": "https://localhost:5443/connect/deviceauthorization",
  "frontchannel_logout_supported": true,
  "frontchannel_logout_session_supported": true,
  "backchannel_logout_supported": true,
  "backchannel_logout_session_supported": true,
  "scopes_supported": [
    "profile",
    "openid",
    "role",
    "tripfeed.write",
    "tripfeed.read",
    "offline_access"
  ],
  "claims_supported": [
    "gender",
    "website",
    "picture",
    "profile",
    "preferred_username",
    "nickname",
    "middle_name",
    "given_name",
    "family_name",
    "name",
    "birthdate",
    "zoneinfo",
    "locale",
    "updated_at",
    "sub",
    "role"
  ],
  "grant_types_supported": [
    "authorization_code",
    "client_credentials",
    "refresh_token",
    "implicit",
    "password",
    "urn:ietf:params:oauth:grant-type:device_code"
  ],
  "response_types_supported": [
    "code",
    "token",
    "id_token",
    "id_token token",
    "code id_token",
    "code token",
    "code id_token token"
  ],
  "response_modes_supported": [
    "form_post",
    "query",
    "fragment"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic",
    "client_secret_post"
  ],
  "id_token_signing_alg_values_supported": [
    "RS256"
  ],
  "subject_types_supported": [
    "public"
  ],
  "code_challenge_methods_supported": [
    "plain",
    "S256"
  ],
  "request_parameter_supported": true
}
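
An added example, not part of the original page or the project's code: a Python check that audits a discovery document like the one above against the OIDC Discovery issuer rule and the OAuth 2.0 Security BCP (RFC 9700). The function name `audit_discovery`, the finding codes and the trimmed sample are assumptions made for illustration.

```python
import json
from urllib.parse import urlsplit

# Constructed sample: the security-relevant fields of the document shown above.
SAMPLE = json.loads("""
{
  "issuer": "https://localhost:5443",
  "jwks_uri": "https://localhost:5443/.well-known/openid-configuration/jwks",
  "token_endpoint": "https://localhost:5443/connect/token",
  "grant_types_supported": ["authorization_code", "client_credentials",
    "refresh_token", "implicit", "password",
    "urn:ietf:params:oauth:grant-type:device_code"],
  "response_types_supported": ["code", "token", "id_token", "id_token token",
    "code id_token", "code token", "code id_token token"],
  "code_challenge_methods_supported": ["plain", "S256"],
  "id_token_signing_alg_values_supported": ["RS256"]
}
""")

def audit_discovery(doc, expected_issuer):
    """Return sorted finding codes for an OIDC discovery document (hypothetical helper)."""
    findings = set()
    # OIDC Discovery: the issuer must exactly match the URL the client configured.
    if doc.get("issuer") != expected_issuer:
        findings.add("issuer-mismatch")
    # Every advertised URL should be HTTPS so tokens and keys never travel in clear.
    for key, value in doc.items():
        if (key.endswith("_endpoint") or key == "jwks_uri") and urlsplit(value).scheme != "https":
            findings.add(f"non-https:{key}")
    grants = set(doc.get("grant_types_supported", []))
    # RFC 9700 advises against the implicit grant and forbids the password grant.
    findings |= {f"legacy-grant:{g}" for g in grants & {"implicit", "password"}}
    # Response types containing "token" return an access token through the browser.
    if any("token" in rt.split() for rt in doc.get("response_types_supported", [])):
        findings.add("front-channel-access-token")
    # "plain" PKCE sends the verifier itself as the challenge; S256 hashes it.
    methods = doc.get("code_challenge_methods_supported", [])
    if "plain" in methods:
        findings.add("pkce-plain-advertised")
    if "S256" not in methods:
        findings.add("pkce-s256-missing")
    if "none" in doc.get("id_token_signing_alg_values_supported", []):
        findings.add("unsigned-id-token")
    return sorted(findings)

if __name__ == "__main__":
    for code in audit_discovery(SAMPLE, "https://localhost:5443"):
        print(code)
```

The discovery document lists what the server supports; which grants a given client may use is set in that client's configuration, so treat each finding as a prompt to review client settings.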

Getting Started

Identity Service

Create Migrations

  • Add Migrations

  • Update Database

.NET Commands

Making changes in database Models

Run SQL Server local

Run using dapr

Kubernetes

Run in K8s

Deleting the resources
