An enterprise consists of various applications that are running to serve specific needs. For example, there are web applications to which users interact with directly, Web APIs to which web applications, native mobile applications, desktop applications, or some server level applications communicate to access data, and so on. Security plays an important role to protect resources. One option is to implement security for each application and use simple Identity to authenticate users. With enterprise scenarios, keeping authentication separate to each application is a tedious process and centralizing it brings more benefits. Here, IdentityServer4 can be used to implement a Centralized Authentication System using OpenID Connect protocol:

The preceding diagram shows various applications in an enterprise. There are Web APIs used by web applications and browser-based applications using JavaScript, native mobile applications, and Windows services that are using the Web API to access particular data, and so on.