IdentityServer 6.3 and Dynamic Client Registration
The second main feature of IdentityServer v6.3 is support for the Dynamic Client Registration (DCR) protocol.
This is on one hand part of our ongoing journey to implement all relevant protocols from the OAuth and OpenID Connect
working groups, but also the start of a bigger effort around adding programmatic configuration capabilities to
IdentityServer.
DCR really consists of a base specification (RFC 7591) and various
add-ons defining additional client metadata elements. Most notably here are the OpenID
Connect additions, but really almost every other spec
added some more elements to DCR.
The below snippet shows how to use IdentityModel to register a new
client for a machine to machine communication:
Csharp
var client = new HttpClient();
var request = new DynamicClientRegistrationRequest
{
Address = Constants.Authority + "/connect/dcr",
Document = new()
{
GrantTypes = { "client_credentials" },
Scope = "api1 api2"
}
};
var response = await client.RegisterClientAsync(request);
var clientId = response.ClientId;
var clientSecret = response.ClientSecret; IdentityServer 6.3 has built-in support for
a subset of the client metadata
found in the RFC and satellite specs, but has a rich extensibility model to add support for additional elements or
custom logic as well as custom authentication and authorization.
The client registration endpoint is our first step towards a more complete programmatic configuration feature. For
example, we will look into the Dynamic Client Registration Management
protocol (RFC 7592) and also see if we can apply those patterns for
registering scopes and resources in the future.