Your identity server is just a standard ASP.NET Core appplication including the IdentityServer middleware. Read the official Microsoft documentation on publishing and deployment first.
If setting the public origin behind a reverse-proxy or load balancer does not work for you, you can hard-code the host name using the
PublicOrigin property on the
IdentityServer configuration data¶
This typically includes:
- startup configuration, e.g. key material
All of that configuration data must be shared by all instances running your identity server. For resources and clients you can either implement
IClientStore from scratch - or you can use our built-in support for Entity Framework based databases.
Startup configuration is often either hardcoded or loaded from a configuration file or environment variables. You can use the standard ASP.NET Core configuration system for that (see documentation).
One important piece of startup configuration is your key material, see here for more details on key material and cryptography.
IdentityServer operational data¶
For certain operations, IdentityServer needs a persistence store to keep state, this includes:
- issuing authorization codes
- issuing reference and refresh tokens
- storing consent
If any of the above features are used, you need an implementation of
IPersistedGrantStore - by default IdentityServer injects an in-memory version.
Again you can use our EF Core based one, build one from scratch, or use a community contribution.