|
| 1 | +--- |
| 2 | +title: "IdentityServer Admin UI" |
| 3 | +description: "Documentation for implementing an administrative UI for IdentityServer." |
| 4 | +date: 2020-09-10T08:22:12+02:00 |
| 5 | +sidebar: |
| 6 | + label: Admin |
| 7 | + order: 5 |
| 8 | +--- |
| 9 | + |
| 10 | +Duende IdentityServer is an OAuth 2.0 and OpenID Connect protocol engine and framework, and does not include any UI beyond what is available in the [project templates](/identityserver/overview/packaging/#templates). |
| 11 | +These contain UI for the login and consent pages, among others, but do not currently include an administrative UI as part of the product. |
| 12 | + |
| 13 | +In this section, we will cover a couple of approaches to configure and administer Duende IdentityServer. |
| 14 | + |
| 15 | +## In-Memory vs. Database Configuration |
| 16 | + |
| 17 | +[Configuration data](/identityserver/data/configuration/) in Duende IdentityServer is stored in a configuration store. |
| 18 | + |
| 19 | +IdentityServer supports in-memory configuration, where clients, resources, scopes, and other configuration options are stored in memory. |
| 20 | +This approach is valuable, as configuration can be maintained and linked from a specific commit in source control, and deployed as a single unit with IdentityServer. |
| 21 | + |
| 22 | +The downside of this approach is that to change configuration, the application will have to be restarted or redeployed. |
| 23 | +To allow for dynamic configuration changes, you can [store configuration in a database](/identityserver/data/ef/). |
| 24 | + |
| 25 | +## Build Your Own Admin UI |
| 26 | + |
| 27 | +When using a database-backed configuration store, you can use one of several [general-purpose solutions](#third-party-identityserver-admin-ui). |
| 28 | +It is worth considering building your own solution, though. |
| 29 | + |
| 30 | +A configuration and administration UI allows you to configure your production system manually. |
| 31 | +You may want to consider reducing the number of available options in this UI, to prevent accidental configuration errors. |
| 32 | +For example, you may want to limit the options to only those that are relevant to your production environment, and not support editing all the various protocol, client, and resource options. |
| 33 | +A limited subset of the available options may be enough. |
| 34 | + |
| 35 | +:::tip[Duende IdentityServer AdminUI Templates] |
| 36 | +Creating custom, specialized admin UI functionality is demonstrated in the [EntityFramework-based template](https://github.com/DuendeSoftware/IdentityServer.Templates). |
| 37 | +You can use its UI to manage clients and scopes as a starting point. |
| 38 | +::: |
| 39 | + |
| 40 | +## Third-Party IdentityServer Admin UI |
| 41 | + |
| 42 | +A number of third-party projects and products have created IdentityServer Admin UIs. These are general-purpose and offer |
| 43 | +access to the Duende IdentityServer configuration data in a forms-over-data style. |
| 44 | + |
| 45 | +| Project | Description | |
| 46 | +|---------------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------| |
| 47 | +| [Duende.IdentityServer.Admin](https://github.com/skoruba/Duende.IdentityServer.Admin) | ASP.NET Core Admin UI for Duende IdentityServer by Jan Škoruba | |
| 48 | +| [Aguafrommars TheIdServer](https://github.com/Aguafrommars/TheIdServer) | OpenID/Connect, OAuth2, WS-Federation and SAML 2.0 server based on Duende IdentityServer and ITFoxtec Identity SAML 2.0 with its admin UI by Olivier Lefebvre | |
| 49 | +| [RockSolidKnowledge AdminUI](https://www.identityserver.com/products/adminui) | UI and APIs for managing your Duende IdentityServer | |
0 commit comments