Class AuthenticationOptions

Namespace

Duende.IdentityServer.Configuration

Assembly

Duende.IdentityServer.dll

Configures the login and logout views and behavior.

public class AuthenticationOptions

Inheritance

object

AuthenticationOptions

Inherited Members

object.GetType()

object.MemberwiseClone()

object.ToString()

object.Equals(object)

object.Equals(object, object)

object.ReferenceEquals(object, object)

object.GetHashCode()

Constructors

AuthenticationOptions()

public AuthenticationOptions()

Properties

CheckSessionCookieDomain

Gets or sets the domain of the cookie used for the check session endpoint. Defaults to null.

public string? CheckSessionCookieDomain { get; set; }

Property Value

string

CheckSessionCookieName

Gets or sets the name of the cookie used for the check session endpoint.

public string CheckSessionCookieName { get; set; }

Property Value

string

CheckSessionCookieSameSiteMode

Gets or sets the SameSite mode of the cookie used for the check session endpoint. Defaults to SameSiteMode.None.

public SameSiteMode CheckSessionCookieSameSiteMode { get; set; }

Property Value

SameSiteMode

CookieAuthenticationScheme

Sets the cookie authentication scheme configured by the host used for interactive users. If not set, the scheme will be inferred from the host's default authentication scheme. This setting is typically used when AddPolicyScheme is used in the host as the default scheme.

public string? CookieAuthenticationScheme { get; set; }

Property Value

string

CookieLifetime

Sets the cookie lifetime (only effective if the IdentityServer-provided cookie handler is used)

public TimeSpan CookieLifetime { get; set; }

Property Value

TimeSpan

CookieSameSiteMode

Specifies the SameSite mode for the internal authentication and temp cookie

public SameSiteMode CookieSameSiteMode { get; set; }

Property Value

SameSiteMode

CookieSlidingExpiration

Specifies if the cookie should be sliding or not (only effective if the built-in cookie middleware is used)

public bool CookieSlidingExpiration { get; set; }

Property Value

bool

CoordinateClientLifetimesWithUserSession

When enabled, all clients' token lifetimes (e.g. refresh tokens) will be tied to the user's session lifetime. This means when the user logs out, any revokable tokens will be removed. If using server-side sessions, expired sessions will also remove any revokable tokens, and backchannel logout will be triggered. An individual client can override this setting with its own CoordinateLifetimeWithUserSession configuration setting.

public bool CoordinateClientLifetimesWithUserSession { get; set; }

Property Value

bool

RequireAuthenticatedUserForSignOutMessage

Indicates if user must be authenticated to accept parameters to end session endpoint. Defaults to false.

public bool RequireAuthenticatedUserForSignOutMessage { get; set; }

Property Value

bool

true if required; otherwise, false.

RequireCspFrameSrcForSignout

If set, will require frame-src CSP headers being emitted on the end session callback endpoint which renders iframes to clients for front-channel sign out notification.

public bool RequireCspFrameSrcForSignout { get; set; }

Property Value

bool