What does Identity Server offer that ASP.NET Core Identity does not?

asp.net oauth2

I'm trying to get my head around the big picture when producing a new website using ASP.NET Core.
I want users to my website to be able to register and log in with social media such as Facebook and Google. Once registered, when they make requests to my WebAPI for resources, I need to know which user is logged in so that the resource requests can be personalized to the user.
I've had a play with ASP.NET Core Identity and this seems to provide much of the functionality of what I need – for example, registering with external providers, logging in, and storing those details in a database using Entity Framework – however with a little more magic than I would really like – many tutorials list steps to get it working without explaining how it works in the background for talking to Facebook, for example.

On the front-end I'm looking to use Aurelia and I've noticed a number of tutorials which use Identity Server – which I understand to be an implementation of OpenID Connect.

Having gone through a video about IdentityServer… I understand that you can use ASP.NET Core Identity with IdentityServer.
What I don't get is whether that's something that would be useful to me over just implementing ASP.NET Core Identity. (That said, I can't seem to find tutorials for integrating Aurelia, ASP.NET Core Identity …)
What generally is the advantage of adding in more complexity with Identity Server over just using ASP.NET Core Identity?

Best Answer

Identity Server allows you to issue access tokens for APIs. In my experience, I've only seen it used when the application requires custom OAuth 2.0 authentication that cannot be provided by the authentication providers that are supported by ASP.NET Core. If your site is able to use one of the existing OAuth 2.0 providers, then there is no advantage to setting up and managing your own instance of Identity Server.