This project is read-only.

3.0.0 (Part of ASP.NET 5) 

  • 3.0 will be part of ASP.NET 5 and you can access the source code here

2.2.0 (Feb 2015)

2.1.0 (Visual Studio 2013 Update 3)

  • SignInManager
  • ASP.NET Templates updated to use Two-Factor Authentication in Visual Studio 2013 Update 3
  • Read this post for more information

2.0.0 (Visual Studio 2013 Update 2)

  • Read this post for more information.
  • Support Delete operation through the UserManager and RoleManager
  • Support IQueryable so you can easily do operations such as Get Roles For Users
  • Security Token Provider
    • Support a way to regenerate the Security Token for the user in cases when the User changes their password. This is needed to ensure that any tokens generated with the old password are invalidated
    • This makes it possible for application developers to easily support scenarios such as Single Sign Out from everywhere
  • Account Confirmation
  • Password Reset
  • Make the type of Primary Key be extensible for Users, Roles
    • In 1.0 the PK for Users and Roles was strings. While this system was extensible, there was a huge ask for making is possible to change the PK to be int or GUID so we are making it possible to change the PK.
  • Two-Factor Authentication
  • Account Lockout


1.0.0 (Fall of 2013)

In 1.0.0 we released the ASP.NET Identity Framework. The ASP.NET Identity system had the following features

  • One ASP.NET Identity system

    • ASP.NET Identity can be used with all of the ASP.NET frameworks, such as ASP.NET MVC, Web Forms, Web Pages, Web API, and SignalR.
    • ASP.NET Identity can be used when you are building web, phone, store, or hybrid applications.
  • Ease of plugging in profile data about the user
    • You have control over the schema of user and profile information. For example, you can easily enable the system to store birth dates entered by users when they register an account in your application.
    Persistence control
    • By default, the ASP.NET Identity system stores all the user information in a database. ASP.NET Identity uses Entity Framework Code First to implement all of its persistence mechanism.
    • Since you control the database schema, common tasks such as changing table names or changing the data type of primary keys is simple to do.
    • It's easy to plug in different storage mechanisms such as SharePoint, Windows Azure Storage Table Service, NoSQL databases, etc.
  • Unit testability
    • ASP.NET Identity makes the web application more unit testable. You can write unit tests for the parts of your application that use ASP.NET Identity.
  • Role provider
    • There is a role provider which lets you restrict access to parts of your application by roles. You can easily create roles such as “Admin” and add users to roles.
  • Claims Based
    • ASP.NET Identity supports claims-based authentication, where the user’s identity is represented as a set of claims. Claims allow developers to be a lot more expressive in describing a user’s identity than roles allow. Whereas role membership is just a boolean (member or non-member), a claim can include rich information about the user’s identity and membership.
    • You can easily plugin your own ClaimsIdentityFactory to customize how should a ClaimsIdentity be created for the User.
  • Local Logins
    • You can login into the site by registering a username and password on the website
  • Social Login Providers
    • You can easily add social log-ins such as Microsoft Account, Facebook, Twitter, Google, and others to your application, and store the user-specific data in your application.
    • You can associate different social providers with a single account and can link or unlink different login providers
  • Windows Azure Active Directory
    • You can also add log-in functionality using Windows Azure Active Directory, and store the user-specific data in your application. For more information, see Organizational Accounts in Creating ASP.NET Web Projects in Visual Studio 2013
  • Validation
    • Use the default User and Password Validator.
    • Replace the in build validators with your own User and Password validators
  • OWIN Integration
    • ASP.NET authentication is now based on OWIN middleware that can be used on any OWIN-based host. ASP.NET Identity does not have any dependency on System.Web. It is a fully compliant OWIN framework and can be used in any OWIN hosted application.
    • ASP.NET Identity uses OWIN Authentication for log-in/log-out of users in the web site. This means that instead of using FormsAuthentication to generate the cookie, the application uses OWIN CookieAuthentication to do that.
  • NuGet packages
    • Microsoft.AspNet.Identity.Core
      • Core interfaces that make up with ASP.NET Identity system.
    • Microsoft.AspNet.Identity.EntityFramework
      • An Entity Framework based implementation for the ASP.NET Identity Framework
    • Microsoft.AspNet.Identity.OWIN
      • It contains a set of OWIN extension classes to manage and configure OWIN authentication middleware to be consumed by ASP.NET Identity Core packages.

Last edited Feb 20, 2015 at 4:20 PM by raspranav, version 8