Duende Software
@duendesoftware.com
Duende Software. Makers of Duende IdentityServer and the BFF security framework. https://duendesoftware.com https://youtube.com/@duendesoftware
Here’s what Duende IdentityServer v7.4 brings to the table:
.NET 10 (LTS): Enterprise stability & longevity.
Passkey Support: Built-in FIDO for passwordless access.
Dev Enhancements: Faster onboarding & less config.
Built for today.
duende.link/5pwbntg
.NET 10 (LTS): Enterprise stability & longevity.
Passkey Support: Built-in FIDO for passwordless access.
Dev Enhancements: Faster onboarding & less config.
Built for today.
duende.link/5pwbntg
Duende IdentityServer v7.4 is now available
Duende IdentityServer v7.4 is here! Full compatibility with .NET 10 LTS, plus a standards-based foundation for agentic AI systems and MCP.
duende.link
January 20, 2026 at 4:04 PM
Here’s what Duende IdentityServer v7.4 brings to the table:
.NET 10 (LTS): Enterprise stability & longevity.
Passkey Support: Built-in FIDO for passwordless access.
Dev Enhancements: Faster onboarding & less config.
Built for today.
duende.link/5pwbntg
.NET 10 (LTS): Enterprise stability & longevity.
Passkey Support: Built-in FIDO for passwordless access.
Dev Enhancements: Faster onboarding & less config.
Built for today.
duende.link/5pwbntg
What is PAR in security lingo? 🤔
Pushed Authorization Requests is a standard that moves authorization parameters off the URL to a secure back channel. Protect PII, prevent tampering, and shorten URLs!
Read more: duende.link/ej2w3u
#dotnet #securitylingo
Pushed Authorization Requests is a standard that moves authorization parameters off the URL to a secure back channel. Protect PII, prevent tampering, and shorten URLs!
Read more: duende.link/ej2w3u
#dotnet #securitylingo
Security Lingo Explained: PAR
Pushed Authorization Requests (PAR) is an OAuth standard that enhances the security of OAuth and OpenID Connect flows by moving authorization parameters from the front channel to the back channel,…
duende.link
January 20, 2026 at 1:00 PM
What is PAR in security lingo? 🤔
Pushed Authorization Requests is a standard that moves authorization parameters off the URL to a secure back channel. Protect PII, prevent tampering, and shorten URLs!
Read more: duende.link/ej2w3u
#dotnet #securitylingo
Pushed Authorization Requests is a standard that moves authorization parameters off the URL to a secure back channel. Protect PII, prevent tampering, and shorten URLs!
Read more: duende.link/ej2w3u
#dotnet #securitylingo
The Duende Product Insiders program is a private technical channel for partnership. Discuss Identity Strategy, Architecture, and Deployment Nuances directly with Duende experts. Stop guessing, start collaborating. 🙌
duende.link/discord
duende.link/discord
Join the Duende Insiders Discord Server!
Check out the Duende Insiders community on Discord – hang out with 42 other members and enjoy free voice and text chat.
duende.link
January 19, 2026 at 5:03 PM
The Duende Product Insiders program is a private technical channel for partnership. Discuss Identity Strategy, Architecture, and Deployment Nuances directly with Duende experts. Stop guessing, start collaborating. 🙌
duende.link/discord
duende.link/discord
Is 'Auth' just one thing? 🤔 Developers often use it as shorthand, but it's ambiguous!
Learn the critical difference between Authentication (AuthN) and Authorization (AuthZ) in our latest post: duende.link/lgoauth
#SecurityLingo #dotnet
Learn the critical difference between Authentication (AuthN) and Authorization (AuthZ) in our latest post: duende.link/lgoauth
#SecurityLingo #dotnet
Security Lingo Explained: Auth
Learn and understand the key difference between Authentication (AuthN) and Authorization (AuthZ)
duende.link
January 19, 2026 at 10:30 AM
Is 'Auth' just one thing? 🤔 Developers often use it as shorthand, but it's ambiguous!
Learn the critical difference between Authentication (AuthN) and Authorization (AuthZ) in our latest post: duende.link/lgoauth
#SecurityLingo #dotnet
Learn the critical difference between Authentication (AuthN) and Authorization (AuthZ) in our latest post: duende.link/lgoauth
#SecurityLingo #dotnet
Happy New Year? Not on unsupported IS4! ⚠️
IdentityServer4 is unmaintained and risky. Make 2026 the year you migrate to Duende IdentityServer for better security. Use our free assessment and migration guide to upgrade and protect your apps now.
➡️ duende.link/uwo974g
IdentityServer4 is unmaintained and risky. Make 2026 the year you migrate to Duende IdentityServer for better security. Use our free assessment and migration guide to upgrade and protect your apps now.
➡️ duende.link/uwo974g
January 16, 2026 at 5:30 PM
Happy New Year? Not on unsupported IS4! ⚠️
IdentityServer4 is unmaintained and risky. Make 2026 the year you migrate to Duende IdentityServer for better security. Use our free assessment and migration guide to upgrade and protect your apps now.
➡️ duende.link/uwo974g
IdentityServer4 is unmaintained and risky. Make 2026 the year you migrate to Duende IdentityServer for better security. Use our free assessment and migration guide to upgrade and protect your apps now.
➡️ duende.link/uwo974g
Developing with IdentityServer just got smoother. upgrading to v7.4 and .NET 10 introduces streamlined local-host tooling and an improved developer workflow. Spend more time coding features, not configuring infrastructure. 💻
duende.link/5pwbntg
#DevExperience #DeveloperTools #Duende #dotnet
duende.link/5pwbntg
#DevExperience #DeveloperTools #Duende #dotnet
Duende IdentityServer v7.4 is now available
Duende IdentityServer v7.4 is here! Full compatibility with .NET 10 LTS, plus a standards-based foundation for agentic AI systems and MCP.
duende.link
January 16, 2026 at 2:02 PM
Developing with IdentityServer just got smoother. upgrading to v7.4 and .NET 10 introduces streamlined local-host tooling and an improved developer workflow. Spend more time coding features, not configuring infrastructure. 💻
duende.link/5pwbntg
#DevExperience #DeveloperTools #Duende #dotnet
duende.link/5pwbntg
#DevExperience #DeveloperTools #Duende #dotnet
Ever wondered how browsers determine what kind of content they're displaying? It's usually through the Content-Type header. What happens when that's missing or incorrect? It can be a serious security risk!
Let's see how to fix this in #aspnetcore youtu.be/kSaSb2hBbyk #dotnet
Let's see how to fix this in #aspnetcore youtu.be/kSaSb2hBbyk #dotnet
Understanding the X-Content-Type-Options Header
Ever wondered how browsers determine what kind of content they're displaying? It's usually through the Content-Type header. But what happens when that's missing or incorrect? That's where MIME type…
youtu.be
January 16, 2026 at 6:30 AM
Ever wondered how browsers determine what kind of content they're displaying? It's usually through the Content-Type header. What happens when that's missing or incorrect? It can be a serious security risk!
Let's see how to fix this in #aspnetcore youtu.be/kSaSb2hBbyk #dotnet
Let's see how to fix this in #aspnetcore youtu.be/kSaSb2hBbyk #dotnet
Duende Resolution: Don't Store Tokens in the Browser. 🔐
Browser tokens are an XSS risk. Secure your SPAs and Blazor WASM apps with the Duende BFF framework, the best way to handle protocol interactions and token management safely.
➡️ duende.link/bff4b1b
Browser tokens are an XSS risk. Secure your SPAs and Blazor WASM apps with the Duende BFF framework, the best way to handle protocol interactions and token management safely.
➡️ duende.link/bff4b1b
January 15, 2026 at 4:04 PM
Duende Resolution: Don't Store Tokens in the Browser. 🔐
Browser tokens are an XSS risk. Secure your SPAs and Blazor WASM apps with the Duende BFF framework, the best way to handle protocol interactions and token management safely.
➡️ duende.link/bff4b1b
Browser tokens are an XSS risk. Secure your SPAs and Blazor WASM apps with the Duende BFF framework, the best way to handle protocol interactions and token management safely.
➡️ duende.link/bff4b1b
Is provisioning security for every new SPA your bottleneck? Your architecture is failing your Ops team.
BFF v4 Multi-Frontend is the fix. Consolidate dozens of BFFs into one secure host. We made the most secure pattern the most efficient.
➡️ duende.link/qgq422h
BFF v4 Multi-Frontend is the fix. Consolidate dozens of BFFs into one secure host. We made the most secure pattern the most efficient.
➡️ duende.link/qgq422h
Duende BFFv4 is now available
Duende BFFv4 is now available! Learn about multi-frontend, simplified security, and unlock end-to-end visibility with OpenTelemetry.
duende.link
January 15, 2026 at 8:00 AM
Is provisioning security for every new SPA your bottleneck? Your architecture is failing your Ops team.
BFF v4 Multi-Frontend is the fix. Consolidate dozens of BFFs into one secure host. We made the most secure pattern the most efficient.
➡️ duende.link/qgq422h
BFF v4 Multi-Frontend is the fix. Consolidate dozens of BFFs into one secure host. We made the most secure pattern the most efficient.
➡️ duende.link/qgq422h
As a Duende Product Insider, your team directly influences IdentityServer/BFF evolution. Contribute real-world use cases & feedback to shape a product meeting your complex enterprise security requirements.
Invest in a platform you help define.
➡️ duende.link/insiders
Invest in a platform you help define.
➡️ duende.link/insiders
Duende Product Insiders
We invite you to join a deeply technical, standards-driven community to help shape the future of .NET security and identity.
duende.link
January 14, 2026 at 3:04 PM
As a Duende Product Insider, your team directly influences IdentityServer/BFF evolution. Contribute real-world use cases & feedback to shape a product meeting your complex enterprise security requirements.
Invest in a platform you help define.
➡️ duende.link/insiders
Invest in a platform you help define.
➡️ duende.link/insiders
Join us as we continue our journey through essential security-related HTTP headers! In this video, we look at Referrer-Policy, a crucial header that gives you control over what information is sent in the Referer header.
youtu.be/ez77PZb9wfU #dotnet #SecurityTips #aspnetcore
youtu.be/ez77PZb9wfU #dotnet #SecurityTips #aspnetcore
Refer(r)er Policy - Don't leak sensitive information in your HTTP headers
Join us as we continue our journey through essential security-related HTTP headers! In this video, we dive deep into Referrer-Policy, a crucial header that g...
youtu.be
January 14, 2026 at 1:01 PM
Join us as we continue our journey through essential security-related HTTP headers! In this video, we look at Referrer-Policy, a crucial header that gives you control over what information is sent in the Referer header.
youtu.be/ez77PZb9wfU #dotnet #SecurityTips #aspnetcore
youtu.be/ez77PZb9wfU #dotnet #SecurityTips #aspnetcore
What are BCP?
💡 They are Best Current Practices, what the current knowledge and insights in the security world prescribe as the best solution to a given problem.
Security Lingo Explained: duende.link/lngobcp
#SecurityLingo #dotnet
💡 They are Best Current Practices, what the current knowledge and insights in the security world prescribe as the best solution to a given problem.
Security Lingo Explained: duende.link/lngobcp
#SecurityLingo #dotnet
Security Lingo Explained: BCP
Demystify the security acronym BCP (Best Current Practices) and learn what it means, how it's used, and why it changes over time.
duende.link
January 14, 2026 at 7:30 AM
What are BCP?
💡 They are Best Current Practices, what the current knowledge and insights in the security world prescribe as the best solution to a given problem.
Security Lingo Explained: duende.link/lngobcp
#SecurityLingo #dotnet
💡 They are Best Current Practices, what the current knowledge and insights in the security world prescribe as the best solution to a given problem.
Security Lingo Explained: duende.link/lngobcp
#SecurityLingo #dotnet
Happy New Year? Not on unsupported IS4! ⚠️
IdentityServer4 is unmaintained and risky. Make 2026 the year you migrate to Duende IdentityServer for better security. Use our free assessment and migration guide to upgrade and protect your apps now.
➡️ duende.link/98qwrgn
IdentityServer4 is unmaintained and risky. Make 2026 the year you migrate to Duende IdentityServer for better security. Use our free assessment and migration guide to upgrade and protect your apps now.
➡️ duende.link/98qwrgn
January 13, 2026 at 5:04 PM
Happy New Year? Not on unsupported IS4! ⚠️
IdentityServer4 is unmaintained and risky. Make 2026 the year you migrate to Duende IdentityServer for better security. Use our free assessment and migration guide to upgrade and protect your apps now.
➡️ duende.link/98qwrgn
IdentityServer4 is unmaintained and risky. Make 2026 the year you migrate to Duende IdentityServer for better security. Use our free assessment and migration guide to upgrade and protect your apps now.
➡️ duende.link/98qwrgn
OpenID Connect signing key rotation is a non-negotiable part of modern security 🔒
We break down the technical and compliance requirements, and how Duende IdentityServer's automatic key management ensures zero-downtime rotation.
duende.link/yhwsz42
#OpenIDConnect #OAuth2 #Security #dotnet
We break down the technical and compliance requirements, and how Duende IdentityServer's automatic key management ensures zero-downtime rotation.
duende.link/yhwsz42
#OpenIDConnect #OAuth2 #Security #dotnet
Why Signing Key Rotation Matters in OpenID Connect and Duende IdentityServer
OpenID Connect signing key rotation matters for security and compliance. Duende IdentityServer's automatic system ensures zero-downtime and best practices.
duende.link
January 13, 2026 at 1:15 PM
OpenID Connect signing key rotation is a non-negotiable part of modern security 🔒
We break down the technical and compliance requirements, and how Duende IdentityServer's automatic key management ensures zero-downtime rotation.
duende.link/yhwsz42
#OpenIDConnect #OAuth2 #Security #dotnet
We break down the technical and compliance requirements, and how Duende IdentityServer's automatic key management ensures zero-downtime rotation.
duende.link/yhwsz42
#OpenIDConnect #OAuth2 #Security #dotnet
Let's look into a crucial "defense-in-depth" mechanism: SameSite cookies. Learn how this powerful browser flag adds extra protection against Cross-Site Request Forgery (CSRF) attacks.
Strengthen your #aspnetcore web applications!
youtu.be/goQlKiynWXU #dotnet
Strengthen your #aspnetcore web applications!
youtu.be/goQlKiynWXU #dotnet
SameSite Cookies 🍪
Welcome back to Duende Software's web security series! In this video, we're looking into a crucial "defense-in-depth" mechanism: SameSite cookies. Learn how this powerful browser flag can add an…
youtu.be
January 13, 2026 at 11:02 AM
Let's look into a crucial "defense-in-depth" mechanism: SameSite cookies. Learn how this powerful browser flag adds extra protection against Cross-Site Request Forgery (CSRF) attacks.
Strengthen your #aspnetcore web applications!
youtu.be/goQlKiynWXU #dotnet
Strengthen your #aspnetcore web applications!
youtu.be/goQlKiynWXU #dotnet
The password era is ending, and ASP.NET Identity passkey support in Duende IdentityServer v7.4 makes that future practical today. Fully integrated, FIDO-compliant authentication with no fragile add-ons or workarounds. Just true passwordless security baked in from the start 🔑
duende.link/5pwbntg
duende.link/5pwbntg
Duende IdentityServer v7.4 is now available
Duende IdentityServer v7.4 is here! Full compatibility with .NET 10 LTS, plus a standards-based foundation for agentic AI systems and MCP.
ASP.NET
January 12, 2026 at 2:03 PM
The password era is ending, and ASP.NET Identity passkey support in Duende IdentityServer v7.4 makes that future practical today. Fully integrated, FIDO-compliant authentication with no fragile add-ons or workarounds. Just true passwordless security baked in from the start 🔑
duende.link/5pwbntg
duende.link/5pwbntg
Secure your AI agents! 🔐
We're breaking down the Model Context Protocol (#MCP) and show how to use Duende IdentityServer & Dynamic Client Registration (DCR) to add #oidc #oauth to your client.
duende.link/is74b1t #dotnet
We're breaking down the Model Context Protocol (#MCP) and show how to use Duende IdentityServer & Dynamic Client Registration (DCR) to add #oidc #oauth to your client.
duende.link/is74b1t #dotnet
Scaling with Duende IdentityServer, MCP, and AI
Learn to leverage the Model Context Protocol (MCP) to securely scale AI agents and mitigate LLM errors with existing systems using Duende IdentityServer.
duende.link
January 12, 2026 at 7:15 AM
Secure your AI agents! 🔐
We're breaking down the Model Context Protocol (#MCP) and show how to use Duende IdentityServer & Dynamic Client Registration (DCR) to add #oidc #oauth to your client.
duende.link/is74b1t #dotnet
We're breaking down the Model Context Protocol (#MCP) and show how to use Duende IdentityServer & Dynamic Client Registration (DCR) to add #oidc #oauth to your client.
duende.link/is74b1t #dotnet
For devs who care about identity 🚨 Product Insiders get:
- Early access to features.
- Deep collaboration with Duende leaders.
- Direct influence on .NET identity & security.
Where standards meet code. Apply: duende.link/insiders
#DuendeInsiders #SecurityExperts
- Early access to features.
- Deep collaboration with Duende leaders.
- Direct influence on .NET identity & security.
Where standards meet code. Apply: duende.link/insiders
#DuendeInsiders #SecurityExperts
January 9, 2026 at 7:03 PM
For devs who care about identity 🚨 Product Insiders get:
- Early access to features.
- Deep collaboration with Duende leaders.
- Direct influence on .NET identity & security.
Where standards meet code. Apply: duende.link/insiders
#DuendeInsiders #SecurityExperts
- Early access to features.
- Deep collaboration with Duende leaders.
- Direct influence on .NET identity & security.
Where standards meet code. Apply: duende.link/insiders
#DuendeInsiders #SecurityExperts
We built our own JWT Decoder tool - jwt.me! 🧐
Quickly inspect and validate your JSON Web Tokens. It features automatic public key (JWK) retrieval, inline claim explanations, and presenter mode.
Read all about it: duende.link/387skhq
#dotnet
Quickly inspect and validate your JSON Web Tokens. It features automatic public key (JWK) retrieval, inline claim explanations, and presenter mode.
Read all about it: duende.link/387skhq
#dotnet
Duende IdentityServer
Using this tool, you can decode and validate JSON Web Tokens (JWTs) issued by IdentityServer or another token issuer.
jwt.me
January 9, 2026 at 3:30 PM
We built our own JWT Decoder tool - jwt.me! 🧐
Quickly inspect and validate your JSON Web Tokens. It features automatic public key (JWK) retrieval, inline claim explanations, and presenter mode.
Read all about it: duende.link/387skhq
#dotnet
Quickly inspect and validate your JSON Web Tokens. It features automatic public key (JWK) retrieval, inline claim explanations, and presenter mode.
Read all about it: duende.link/387skhq
#dotnet
Join us as we continue our journey through essential security-related HTTP headers! In this video, we dive deep into Referrer-Policy, a crucial header that gives you control over what information is sent in the Referer HTTP header.
youtu.be/ez77PZb9wfU #dotnet #SecurityTips #aspnetcore
youtu.be/ez77PZb9wfU #dotnet #SecurityTips #aspnetcore
January 8, 2026 at 10:07 PM
Join us as we continue our journey through essential security-related HTTP headers! In this video, we dive deep into Referrer-Policy, a crucial header that gives you control over what information is sent in the Referer HTTP header.
youtu.be/ez77PZb9wfU #dotnet #SecurityTips #aspnetcore
youtu.be/ez77PZb9wfU #dotnet #SecurityTips #aspnetcore
Duende BFF v4 delivers native multi-frontend support! 🛑
The days of deploying 10 BFFs for 10 SPAs are over. Consolidate security, cut operational sprawl, and unify identity for all your browser apps in one place. One host, many frontends. Finally. ✨
duende.link/yjznoj5
#Duende #BFFv4
The days of deploying 10 BFFs for 10 SPAs are over. Consolidate security, cut operational sprawl, and unify identity for all your browser apps in one place. One host, many frontends. Finally. ✨
duende.link/yjznoj5
#Duende #BFFv4
Backend for Frontend (BFF) Security Framework
Securing SPAs and Blazor WASM Applications once and for all.
duende.link
January 8, 2026 at 9:02 PM
Duende BFF v4 delivers native multi-frontend support! 🛑
The days of deploying 10 BFFs for 10 SPAs are over. Consolidate security, cut operational sprawl, and unify identity for all your browser apps in one place. One host, many frontends. Finally. ✨
duende.link/yjznoj5
#Duende #BFFv4
The days of deploying 10 BFFs for 10 SPAs are over. Consolidate security, cut operational sprawl, and unify identity for all your browser apps in one place. One host, many frontends. Finally. ✨
duende.link/yjznoj5
#Duende #BFFv4
That's a wrap on 2025! 🚀 We delivered over 1,042 merged PRs, achieved FAPI 2.0 certification for IdentityServer, launched multi-frontend BFF v4, and added #dotnet 10 support across the board.
Read our year-end review: duende.link/by32025
#dotnet #security #OpenIDConnect
Read our year-end review: duende.link/by32025
#dotnet #security #OpenIDConnect
Duende Year-End Review 2025
Duende Software's 2025 Year-End Review details major milestones: FAPI 2.0 certification for IdentityServer, the architectural leap of BFF 4.0.0 (multi-frontend, OpenTelemetry), and immediate .NET 10…
duende.link
January 8, 2026 at 6:31 PM
That's a wrap on 2025! 🚀 We delivered over 1,042 merged PRs, achieved FAPI 2.0 certification for IdentityServer, launched multi-frontend BFF v4, and added #dotnet 10 support across the board.
Read our year-end review: duende.link/by32025
#dotnet #security #OpenIDConnect
Read our year-end review: duende.link/by32025
#dotnet #security #OpenIDConnect
Security shouldn’t slow innovation. Duende IdentityServer v7.4 includes ASP.NET Identity passkey support and a commitment to long-term stability on .NET 10 LTS. 🔐 Invest in security that scales, not complexity that grows.
duende.link/5pwbntg
duende.link/5pwbntg
Duende IdentityServer v7.4 is now available
Duende IdentityServer v7.4 is here! Full compatibility with .NET 10 LTS, plus a standards-based foundation for agentic AI systems and MCP.
ASP.NET
January 8, 2026 at 7:00 AM
Security shouldn’t slow innovation. Duende IdentityServer v7.4 includes ASP.NET Identity passkey support and a commitment to long-term stability on .NET 10 LTS. 🔐 Invest in security that scales, not complexity that grows.
duende.link/5pwbntg
duende.link/5pwbntg
Duende Resolutions: Improve your security posture!
As you plan for the New Year, make enterprise security a non-negotiable. Duende IdentityServer provides secure, standards-compliant identity infrastructure for OpenID Connect and OAuth 2.0.
➡️ duende.link/98qwrgn
As you plan for the New Year, make enterprise security a non-negotiable. Duende IdentityServer provides secure, standards-compliant identity infrastructure for OpenID Connect and OAuth 2.0.
➡️ duende.link/98qwrgn
January 7, 2026 at 8:01 PM
Duende Resolutions: Improve your security posture!
As you plan for the New Year, make enterprise security a non-negotiable. Duende IdentityServer provides secure, standards-compliant identity infrastructure for OpenID Connect and OAuth 2.0.
➡️ duende.link/98qwrgn
As you plan for the New Year, make enterprise security a non-negotiable. Duende IdentityServer provides secure, standards-compliant identity infrastructure for OpenID Connect and OAuth 2.0.
➡️ duende.link/98qwrgn
Stop struggling with diverse identity providers. 🛑
A Federation Gateway, such as Duende IdentityServer, is the key to:
🔑 Centralized Compliance
⚡️ Operational Agility
👤 Unified User Login
duende.link/8aefizq
#IdentityOrchestration #SSO #Security #dotnet
A Federation Gateway, such as Duende IdentityServer, is the key to:
🔑 Centralized Compliance
⚡️ Operational Agility
👤 Unified User Login
duende.link/8aefizq
#IdentityOrchestration #SSO #Security #dotnet
Building a Federation Gateway with Duende IdentityServer: Strategies and Considerations for Identity Orchestration
Learn the core benefits of building a federation gateway that brings together Entra ID, Okta, SAML, Auth0 though a centralized authentication provider like DUende IdentityServer.
duende.link
January 7, 2026 at 3:15 PM
Stop struggling with diverse identity providers. 🛑
A Federation Gateway, such as Duende IdentityServer, is the key to:
🔑 Centralized Compliance
⚡️ Operational Agility
👤 Unified User Login
duende.link/8aefizq
#IdentityOrchestration #SSO #Security #dotnet
A Federation Gateway, such as Duende IdentityServer, is the key to:
🔑 Centralized Compliance
⚡️ Operational Agility
👤 Unified User Login
duende.link/8aefizq
#IdentityOrchestration #SSO #Security #dotnet