Openiddict Core

Flexible and versatile OAuth 2.0/OpenID Connect stack for .NET
Alternatives To Openiddict Core
Project NameStarsDownloadsRepos Using ThisPackages Using ThisMost Recent CommitTotal ReleasesLatest ReleaseOpen IssuesLicenseLanguage
Identityserver48,9443143596 months ago99March 18, 2021apache-2.0C#
OpenID Connect and OAuth 2.0 Framework for ASP.NET Core
Openiddict Core3,52943232 days ago28August 22, 202221apache-2.0C#
Flexible and versatile OAuth 2.0/OpenID Connect stack for .NET,08314020 days ago5May 22, 201721apache-2.0C#
OAuth 2.0 social authentication providers for ASP.NET Core
Identityserver1,042273 days ago42July 12, 202267otherJavaScript
The most flexible and standards-compliant OpenID Connect and OAuth 2.x framework for ASP.NET Core
Awesome Dotnet Tips786
7 days agomitC#
A curated list of awesome tips and tricks, resources, videos and articles in .net, software architecture, microservice and cloud-native
2 years agon,ullmitHTML
:wrench: ASP.NET Core 3 & Angular 8 Administration Panel for :revolving_hearts:IdentityServer4 and ASP.NET Core Identity
3 months ago36mitTypeScript
OpenID Connect Code Flow PKCE / Implicit Flow with Angular and ASP.NET Core 6 IdentityServer4
Aspnetcore Webapi Course653
5 months ago15C#
Professional REST API design with ASP.NET Core WebAPI
Openiddict Samples543
2 days ago5apache-2.0PowerShell
ASP.NET Core and Microsoft.Owin/ASP.NET 4.x samples for OpenIddict
Booking Microservices538
a day ago5mitC#
A microservices, built with .Net, DDD, CQRS, Event Sourcing, Vertical Slice Architecture, Event-Driven Architecture, and the latest technologies.
Alternatives To Openiddict Core
Select To Compare

Alternative Project Comparisons


The OpenID Connect stack you'll be addicted to.

Build status

What's OpenIddict?

OpenIddict aims at providing a versatile solution to implement OpenID Connect client, server and token validation support in any ASP.NET Core 2.1 (and higher) application. ASP.NET 4.6.1 (and higher) applications are also fully supported thanks to a native Microsoft.Owin 4.2 integration.

OpenIddict fully supports the code/implicit/hybrid flows, the client credentials/resource owner password grants and the device authorization flow.

OpenIddict natively supports Entity Framework Core, Entity Framework 6 and MongoDB out-of-the-box and custom stores can be implemented to support other providers.

Getting started

Developers looking for a simple and turnkey solution are strongly encouraged to use OrchardCore and its OpenID module, which is based on OpenIddict, comes with sensible defaults and offers a built-in management GUI to easily register OpenID client applications.

To implement a custom OpenID Connect server using OpenIddict, read Getting started.

Samples demonstrating how to use OpenIddict with the different OAuth 2.0/OpenID Connect flows can be found in the dedicated repository.

Compatibility matrix

Web framework version .NET runtime version OpenIddict 4.x
ASP.NET Core 2.1 .NET Framework 4.6.1 ✔️ ℹ️
ASP.NET Core 2.1 .NET Framework 4.7.2 ✔️
ASP.NET Core 2.1 .NET Framework 4.8 ✔️
ASP.NET Core 2.1 .NET Core 2.1 ❗️
ASP.NET Core 3.1 .NET Core 3.1 ✔️
ASP.NET Core 5.0 .NET 5.0 ❗️
ASP.NET Core 6.0 .NET 6.0 ✔️
ASP.NET Core 7.0 .NET 7.0 ✔️
Microsoft.Owin 4.2 .NET Framework 4.6.1 ✔️ ℹ️
Microsoft.Owin 4.2 .NET Framework 4.7.2 ✔️
Microsoft.Owin 4.2 .NET Framework 4.8 ✔️

Warning ASP.NET Core 2.1 on .NET Core 2.1 and ASP.NET Core 5.0 on .NET 5.0 are no longer supported by Microsoft. While OpenIddict 4.x can still be used on .NET Core 2.1 thanks to its .NET Standard 2.0 compatibility, users are strongly encouraged to migrate to ASP.NET Core/.NET 6.0. ASP.NET Core 2.1 on .NET Framework 4.6.1 (and higher) is still fully supported.

Note The following features are not available when targeting .NET Framework 4.6.1:

  • X.509 development encryption/signing certificates: calling AddDevelopmentEncryptionCertificate() or AddDevelopmentSigningCertificate() will result in a PlatformNotSupportedException being thrown at runtime if no valid development certificate can be found and a new one must be generated.
  • X.509 ECDSA signing certificates/keys: calling AddSigningCertificate() or AddSigningKey() with an ECDSA certificate/key will always result in a PlatformNotSupportedException being thrown at runtime.


Unlike many other identity providers, OpenIddict is not a turnkey solution but a framework that requires writing custom code to be operational (typically, at least an authorization controller), making it a poor candidate for the certification program.

While a reference implementation could be submitted as-is, this wouldn't guarantee that implementations deployed by OpenIddict users would be standard-compliant.

Instead, developers are encouraged to execute the conformance tests against their own deployment once they've implemented their own logic.

The samples repository contains a dedicated sample specially designed to be used with the OpenID Connect Provider Certification tool and demonstrate that OpenIddict can be easily used in a certified implementation. To allow executing the certification tests as fast as possible, that sample doesn't include any membership or consent feature (two hardcoded identities are proposed for tests that require switching between identities).


Looking for additional resources to help you get started with OpenIddict? Don't miss these interesting blog posts:

OpenIddict-based projects maintained by third parties:

Security policy

Security issues and bugs should be reported privately by emailing [email protected]. You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message.


If you need support, please make sure you sponsor the project before creating a GitHub ticket. If you're not a sponsor, you can post your questions on Gitter or StackOverflow:

Nightly builds

If you want to try out the latest features and bug fixes, there is a MyGet feed with nightly builds of OpenIddict. To reference the OpenIddict MyGet feed, create a NuGet.config file (at the root of your solution):

<?xml version="1.0" encoding="utf-8"?>
    <add key="nuget" value="" />
    <add key="openiddict" value="" />


OpenIddict is actively maintained by Kvin Chalet. Contributions are welcome and can be submitted using pull requests.

Special thanks to our sponsors for their incredible support:

Volosoft logo

Sbastien RosSchmitt ChristianFlorian WachsSebastian StehleCommunicatie CockpitJasmin SavardThomasMichael CalasanzDigitalOps Co. Ltd.Jaco Jansen van VuurenEYERIDE Fleet Management SystemJulien DebacheStian HveRavindu LiyanapathiranaHieronymusBlazeAkhan ZhakiyanovCorentin BROSSUTTIBarry DorransDevQ S.r.l.GrgoireAndrii Chebukin


This project is licensed under the Apache License. This means that you can use, modify and distribute it freely. See for more details.

Popular Oauth Projects
Popular Asp Net Core Projects
Popular Security Categories
Related Searches

Get A Weekly Email With Trending Projects For These Categories
No Spam. Unsubscribe easily at any time.
C Sharp
Asp Net Core
Openid Connect