Reputation: 55
Deploying IdentityServer3 on Load Balancer
We are moving right along with building out our custom IdentityServer solution based on IdentityServer3. We will be deploying in a load balanced environment.
According to https://identityserver.github.io/Documentation/docsv2/configuration/serviceFactory.html there are a number of services and stores that need to be implemented.
I have implemented the mandatory user service, client and scope stores.
The document says there are other mandatory items to implement but that there are default InMemory versions.
We were planning on using the default in memory for the other stuff but am concerned that not all will work in a load balanced scenario.
What are the other mandatory services and stores we must implement for things to work properly when load balanced?
Upvotes: 2
Views: 1084
Answers (1)
Reputation: 5598
With multiple Identity Server installations serving the same requests (e.g. load balanced) you won't be able to use the various in-memory token stores, otherwise authorization codes, refresh tokens and reference tokens issued by one server won't be recognized by the other, nor will user consent be persisted. If you are using IIS, machine key synchronization is also necessary to have tokens work across all instances.
There's an entity framework package available for the token stores. You'll need the operational data.
There's also a very useful guide to going live here.
Upvotes: 3
Related Questions
- CORS in Ajax-requests against an MVC controller with IdentityServer3-authorization
- How does Asp.Net Identity 2 User Info get mapped to IdentityServer3 profile claims
- IdentityServer3 TokenHandleStore
- Identityserver3 - User Impersonation
- Are ADFS 2.0 / SAML Tokens in ASP.NET sticky?
- IdentityServer3 DiscoveryDocument fails to load
- What is the correct approach for authentication/authorization Native Android App using Thinktecture IdentityServer3