Abblix.OIDC.Server 2.3.0

Prefix Reserved

dotnet add package Abblix.OIDC.Server --version 2.3.0

NuGet\Install-Package Abblix.OIDC.Server -Version 2.3.0

This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.

<PackageReference Include="Abblix.OIDC.Server" Version="2.3.0" />

For projects that support PackageReference, copy this XML node into the project file to reference the package.

<PackageVersion Include="Abblix.OIDC.Server" Version="2.3.0" />
                    

                            Directory.Packages.props

<PackageReference Include="Abblix.OIDC.Server" />
                    

                            Project file

For projects that support Central Package Management (CPM), copy this XML node into the solution Directory.Packages.props file to version the package.

paket add Abblix.OIDC.Server --version 2.3.0

The NuGet Team does not provide support for this client. Please contact its maintainers for support.

#r "nuget: Abblix.OIDC.Server, 2.3.0"

#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.

#:package Abblix.OIDC.Server@2.3.0

#:package directive can be used in C# file-based apps starting in .NET 10 preview 4. Copy this into a .cs file before any lines of code to reference the package.

#addin nuget:?package=Abblix.OIDC.Server&version=2.3.0
                    

                            Install as a Cake Addin

#tool nuget:?package=Abblix.OIDC.Server&version=2.3.0
                    

                            Install as a Cake Tool

The NuGet Team does not provide support for this client. Please contact its maintainers for support.

Abblix OIDC Server

Abblix OIDC Server is a robust .NET library that implements the OpenID Connect protocol on the server side. Designed with modular and hexagonal architecture patterns, it provides a compliant, extensible framework for adding OIDC-based authentication and authorization to .NET applications. It supports Dependency Injection using the standard .NET DI container, and uses its own JWT implementation built on .NET cryptographic primitives.

What's New in Version 2.3

🚀 Features

Rich Authorization Requests (RFC 9396): fine-grained, transaction-level authorization details across the authorization endpoint, PAR, the token endpoint, CIBA, and the device grant
Token Exchange (RFC 8693): impersonation and delegation with multiple subject- and actor-token formats
DPoP sender-constrained tokens (RFC 9449): signature-based proof of possession for public clients that cannot use mTLS
Certificate-bound access token verification (RFC 8705 §3): resource-server check that a presented token matches the client certificate
JARM: signed, optionally encrypted JWT authorization responses
JWT-secured token introspection (RFC 9701): signed introspection responses via content negotiation
JWE-encrypted request objects (RFC 9101): confidential request parameters in the front channel and by reference
Signed authorization server metadata (RFC 8414): opt-in, integrity-protected discovery document

✏️ Improvements

Secure-by-default: Implicit Flow is now opt-in, and Dynamic Client Registration requires an Initial Access Token (RFC 7591)
Token-class confusion defense via opt-in token-type pinning (RFC 8725), JWS key pinned to its declared algorithm (RFC 7517), enforced HMAC key length (RFC 7518)
Authorization-response issuer parameter (RFC 9207) advertised in discovery

Implemented Standards

Abblix OIDC Server implements a comprehensive suite of standards for authorization and security:

OAuth 2.0

The OAuth 2.0 Authorization Framework: RFC 6749
Bearer Token Usage: RFC 6750, HTTP Authentication: RFC 9110, Section 11
Token Revocation: RFC 7009
Token Introspection: RFC 7662
Proof Key for Code Exchange (PKCE): RFC 7636
Device Authorization Grant: RFC 8628
Dynamic Client Registration: RFC 7591 and RFC 7592
Mutual-TLS Client Authentication: RFC 8705
Demonstrating Proof of Possession (DPoP): RFC 9449
Resource Indicators: RFC 8707
JWT Access Tokens: RFC 9068
JWT-Secured Authorization Request (JAR): RFC 9101
Pushed Authorization Requests (PAR): RFC 9126
Authorization Server Issuer Identification: RFC 9207
Multiple Response Types: Specification
Form Post Response Mode: Specification

JSON Web Token (JWT)

JWS: RFC 7515, JWE: RFC 7516, JWK: RFC 7517, JWA: RFC 7518, JWT: RFC 7519
JWT Client Authentication: RFC 7523
Authentication Method Reference Values: RFC 8176

OpenID Connect

Core 1.0: Specification
Discovery 1.0 / Authorization Server Metadata: Specification, RFC 8414
Dynamic Client Registration 1.0: Specification
Session Management 1.0: Specification
RP-Initiated Logout 1.0: Specification
Front-Channel Logout 1.0: Specification
Back-Channel Logout 1.0: Specification
Client-Initiated Backchannel Authentication (CIBA): Specification
Pairwise Pseudonymous Identifiers (PPID): OpenID Connect Core Section 8

Installation

dotnet add package Abblix.OIDC.Server

Note: Most applications should use Abblix.OIDC.Server.MVC which includes this package plus ASP.NET MVC integration with controllers, model binding, and routing.

Package	Description
Abblix.Utils	Utility library with crypto, URI, and JSON helpers
Abblix.DependencyInjection	Advanced .NET DI extensions with aliasing, composites, and decorators
Abblix.JWT	JWT signing, encryption, and validation using .NET crypto primitives
Abblix.OIDC.Server	Core OpenID Connect server implementation (this package)
Abblix.OIDC.Server.MVC	ASP.NET MVC integration for OIDC server

Getting Started

To learn more about the Abblix OIDC Server product, visit our Documentation site and explore the Getting Started Guide.

Contacts

Email: support@abblix.com
Website: Abblix OIDC Server

Product	Compatible and additional computed target framework versions.
.NET	net8.0 is compatible. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed. net9.0 is compatible. net9.0-android was computed. net9.0-browser was computed. net9.0-ios was computed. net9.0-maccatalyst was computed. net9.0-macos was computed. net9.0-tvos was computed. net9.0-windows was computed. net10.0 is compatible. net10.0-android was computed. net10.0-browser was computed. net10.0-ios was computed. net10.0-maccatalyst was computed. net10.0-macos was computed. net10.0-tvos was computed. net10.0-windows was computed.

Product

.NET

Compatible target framework(s)

Included target framework(s) (in package)

Learn more about Target Frameworks and .NET Standard.

net10.0
- Abblix.DependencyInjection (>= 2.3.0)
- Abblix.JWT (>= 2.3.0)
- Google.Protobuf (>= 3.35.0)
- Microsoft.AspNetCore.Http.Abstractions (>= 2.3.10)
- Microsoft.Extensions.Caching.Abstractions (>= 10.0.8)
- Microsoft.Extensions.Caching.Memory (>= 10.0.8)
- Microsoft.Extensions.DependencyInjection (>= 10.0.8)
- Microsoft.Extensions.Hosting.Abstractions (>= 10.0.8)
- Microsoft.Extensions.Http (>= 10.0.8)
- Microsoft.Extensions.Logging (>= 10.0.8)
- Microsoft.Extensions.Logging.Abstractions (>= 10.0.8)
- Microsoft.Extensions.Options (>= 10.0.8)
net8.0
- Abblix.DependencyInjection (>= 2.3.0)
- Abblix.JWT (>= 2.3.0)
- Google.Protobuf (>= 3.35.0)
- Microsoft.AspNetCore.Http.Abstractions (>= 2.3.10)
- Microsoft.Extensions.Caching.Abstractions (>= 10.0.8)
- Microsoft.Extensions.Caching.Memory (>= 10.0.8)
- Microsoft.Extensions.DependencyInjection (>= 10.0.8)
- Microsoft.Extensions.Hosting.Abstractions (>= 10.0.8)
- Microsoft.Extensions.Http (>= 10.0.8)
- Microsoft.Extensions.Logging (>= 10.0.8)
- Microsoft.Extensions.Logging.Abstractions (>= 10.0.8)
- Microsoft.Extensions.Options (>= 10.0.8)
- System.Linq.Async (>= 7.0.1)
net9.0
- Abblix.DependencyInjection (>= 2.3.0)
- Abblix.JWT (>= 2.3.0)
- Google.Protobuf (>= 3.35.0)
- Microsoft.AspNetCore.Http.Abstractions (>= 2.3.10)
- Microsoft.Extensions.Caching.Abstractions (>= 10.0.8)
- Microsoft.Extensions.Caching.Memory (>= 10.0.8)
- Microsoft.Extensions.DependencyInjection (>= 10.0.8)
- Microsoft.Extensions.Hosting.Abstractions (>= 10.0.8)
- Microsoft.Extensions.Http (>= 10.0.8)
- Microsoft.Extensions.Logging (>= 10.0.8)
- Microsoft.Extensions.Logging.Abstractions (>= 10.0.8)
- Microsoft.Extensions.Options (>= 10.0.8)
- System.Linq.Async (>= 7.0.1)

NuGet packages (1)

Showing the top 1 NuGet packages that depend on Abblix.OIDC.Server:

Package	Downloads
Abblix.OIDC.Server.MVC The package integrates Abblix's OIDC Server capabilities with ASP.NET MVC, offering seamless support for OpenID Connect in MVC applications. It enables fast and easy implementation of secure OpenID Connect protocols, ensuring security features are accessible within the MVC framework.	6.3K

GitHub repositories

This package is not used by any popular GitHub repositories.

Version	Downloads	Last Updated
2.3.0	125	6/9/2026
2.2.0	401	2/18/2026
2.1.0	508	12/8/2025
2.0.1	664	12/1/2025
2.0.0	259	11/26/2025
1.6.0	331	8/14/2025
1.5.0	279	6/25/2025
1.4.0	329	4/9/2025
1.3.1	290	12/3/2024
1.3.0.1	252	11/28/2024
1.3.0	241	11/13/2024
1.2.0.1	234	10/16/2024
1.2.0	240	10/11/2024
1.1.0	362	7/9/2024
1.0.100	263	5/3/2024

Rich Authorization Requests (RFC 9396), Token Exchange (RFC 8693), DPoP sender-constrained tokens (RFC 9449), certificate-bound access token verification (RFC 8705), JARM signed authorization responses, JWT-secured token introspection (RFC 9701), JWE-encrypted request objects (RFC 9101), signed authorization server metadata (RFC 8414), and secure-by-default hardening (Implicit Flow opt-in, Initial Access Token for client registration). Full details: https://github.com/Abblix/Oidc.Server/releases/tag/v2.3