It is a .NET Standard helper library for claims-based identity, OAuth 2.0 and OpenID Connect. It encapsulates the protocol interaction in an easy-to-use API.
It has the following high-level features:
- client libraries for standard OAuth 2.0 and OpenID Connect endpoints like authorize, token, discovery, introspection, revocation etc.
- helpers for token management
- constants for standard JWT claim types and protocol values
- simplified API to access the X.509 certificate store
- miscellaneous helpers for base64 URL encoding, time-constant string comparison and epoch time
What are the benefits? If you code in .NET, you do not need to deal with protocol details such as code challenges, code verifiers etc. yourself.
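The code challenge and code verifier mentioned above are the PKCE values defined in RFC 7636. The following is an added example, not code from the library or from the original page, that derives and checks them using only the .NET base class library; the class and method names are hypothetical, and it assumes .NET Core 2.1 or later for `CryptographicOperations.FixedTimeEquals`.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

// Added example: names are hypothetical, not the library's API.
static class PkceExample
{
    // Base64url (RFC 4648 section 5): '-' and '_' alphabet, no '=' padding.
    static string Base64UrlEncode(byte[] data) =>
        Convert.ToBase64String(data).TrimEnd('=').Replace('+', '-').Replace('/', '_');

    // code_verifier: 32 random bytes encode to 43 characters, the RFC 7636 minimum.
    static string CreateCodeVerifier()
    {
        var bytes = new byte[32];
        using (var rng = RandomNumberGenerator.Create())
            rng.GetBytes(bytes);
        return Base64UrlEncode(bytes);
    }

    // code_challenge for method S256: BASE64URL(SHA256(ASCII(code_verifier))).
    static string CreateCodeChallenge(string codeVerifier)
    {
        using (var sha = SHA256.Create())
            return Base64UrlEncode(sha.ComputeHash(Encoding.ASCII.GetBytes(codeVerifier)));
    }

    // Token-endpoint check: recompute the challenge and compare in fixed time.
    static bool VerifierMatches(string codeVerifier, string storedChallenge) =>
        CryptographicOperations.FixedTimeEquals(
            Encoding.ASCII.GetBytes(CreateCodeChallenge(codeVerifier)),
            Encoding.ASCII.GetBytes(storedChallenge));

    static void Main()
    {
        // Test vector from RFC 7636, Appendix B.
        const string rfcVerifier = "dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk";
        const string rfcChallenge = "E9Melhoa2OwvFrEMTJguCHaoeK1t8URWbuGJSlw-cM";
        Console.WriteLine(CreateCodeChallenge(rfcVerifier) == rfcChallenge);

        // Fresh pair, as a client would create before the authorize request.
        var verifier = CreateCodeVerifier();
        var challenge = CreateCodeChallenge(verifier);
        Console.WriteLine($"code_challenge={challenge}&code_challenge_method=S256");
        Console.WriteLine(VerifierMatches(verifier, challenge));
        // A different verifier must not match the stored challenge.
        Console.WriteLine(VerifierMatches(CreateCodeVerifier(), challenge));
    }
}
```

The client sends only the challenge with the authorize request and keeps the verifier until the token request, so an intercepted authorization code cannot be redeemed without it.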
IdentityServer is an OpenID Connect provider - it implements the OpenID Connect and OAuth 2.0 protocols.
Different literature uses different terms for the same role - you will probably also find security token service, identity provider, authorization server, IP-STS and more.
In a nutshell, they are all the same: a piece of software that issues security tokens to clients.
IdentityServer has a number of jobs and features - including:
- protect your resources
- authenticate users using a local account store or via an external identity provider
- provide session management and single sign-on
- manage and authenticate clients
- issue identity and access tokens to clients
- validate tokens
IdentityServer is built against ASP.NET Core 2 and runs on .NET Framework 4.6.1 (and higher) and .NET Core 2 (and higher).