IdentityServer4 is the framework and hostable component that was created by the developers at Thinktecture, but now it is the recommended approach by Microsoft for providing single sign-on, federation gateway, and access control features to modern web applications and APIs using OpenID Connect and OAuth 2.0 protocols. It is highly optimized to address the security problems and provide certain APIs to implement your own STS (Secure Token Service) provider that generates access tokens for your client and the resource owners who wanted to access resource servers. It is a successor of IdentityServer3 and is completely developed on top of .NET Core. Moreover, it is also part of .NET foundation, and you can learn more about this at https://identityserver.github.io.
With IdentityServer4, we can implement the following features:
| Feature | Description |
| Authentication as a Service (AaaS) | Centralized authentication service to which all applications can authenticate |
| Single Sign-in/Sign-out | Single sign-in and sign-out feature that can span to multiple applications |
| Access control for APIs | Issue Access Token to various consumers to consume Web APIs, which includes servers to server communication, web applications, native mobile apps, and desktop applications |
| Federation Gateway | Provides external authentication providers such as Facebook, Google, Microsoft, Twitter, Azure AD (Active Directory), and many more |
Apart from the preceding features, we can also customize IdentityServer4 based on our needs.