59 votesTobias Zürcher commented
Demis, it's indeed a brilliant writeup. Anyway it's so crucial to have this "External JWT Provider" because Identity Server is getting the defacto standard in the .NET world. So we need something like the JsonWebTokenAuthProvider which takes the url to "...../.well-known/openid-configuration" and just validates the token and does the SS things needed. It's hard to argue with some code snipped from a blog post, doesn't matter how good it is ;).
Auth stuff is also very sensitive so nobody really wants to own/self-write it. Shouldn't be too hard for you since all the pieces are already in SS (token parsing, algorithms...)
I hope you'll find some time for this sooner than later :)
217 votesTobias Zürcher commented
i also like this idea. i've posted a suggestion to support metrics.net (https://servicestack.uservoice.com/forums/176786-feature-requests/suggestions/9668508-add-metrics-net-adapter). in this case, ss doesn't need to take care about the UI. but obviously, it's more a "read-only" dashboard for performance than a "admin dashboard"
16 votesTobias Zürcher shared this idea ·