Introducing the next era of Duende IdentityServer.

Read our CEO’s announcement
Start for Free

Duende.AccessTokenManagement 3.0

Joe DeCock
Two blue circles

Duende.AccessTokenManagement 3.0 is out now! Highlights of this release include:

  • Improved support for Blazor Server
  • Updates to dependencies
  • Bug fixes and improvements

See the release
notes
for the full details, or read on for a quick summary.

About Duende.AccessTokenManagement

Duende.AccessTokenManagement is a pair of open source libraries that help you
manage your access tokens in different contexts. They automatically acquire new
tokens when old tokens are about to expire, provide conveniences for using the
current token with HTTP clients, and can revoke tokens that are no longer
needed.

Blazor Server Support

This release improves our support for Blazor Server. We've added a new method to
use when registering services: AddBlazorServerAccessTokenManagement. This
method sets up dependencies needed specifically in a Blazor Server environment,
including retrieving the current user without using HttpContext when it is not
available. This simplifies creating HttpClients that use the current user's
access token.

We've also extracted some of the token storage logic into a new low-level
service. We're using this new service as we build support for Blazor Auto Mode
in the next version of Duende.BFF - stay tuned for updates on that soon!

See the documentation
and sample
for more details.

Dependency Updates

In the new release, we've updated our dependencies. We now require .NET 8 and
depend on:

  • version 7.0.0 or later of IdentityModel
  • version 8.0.1 or later of the ASP.NET OpenIdConnect Authentication Handler
  • version 7.1.2 or later of the Microsoft JWT libraries

Our approach for dependencies tries to minimize dependency conflicts by not
forcing upgrades. We take the minimum patch version that doesn't have a known
vulnerability or transitive dependency on a vulnerability, and we also try to
depend on the same version of the Microsoft JWT libraries as the ASP.NET
OpenIdConnect Authentication Handler.

Thank You

We thank all the contributors who helped with this release, as well as everyone
who contributed with their time and attention in the form of testing previews
and asking questions on the issue tracker!