< Back to Courses

IdentityServer in Production

This course continues where our popular course Securing ASP.NET using OpenID Connect and IdentityServer with a clear focus on getting a complete IdentityServer architecture up and running in a real production environment. You will learn how to avoid many of the pitfalls and snags involved when you’re starting your deployment journey.

When we say that this course is about deploying to production, we really mean it. In this course, we will deploy the services we create to the public internet, using real TLS certificates and automatic build/deployment.

The solution you will deploy contains a client, an API, and a fully configured IdentityServer. We are especially proud that we don’t cheat or cut corners in this all-encompassing course.

Instead, we will, for example:

  • Store configuration data in a separate configuration service
  • Create logs in a separate logging server for analytics and visualization
  • Use real HTTPS certificates
  • Create our own token signing keys
  • Use continuous deployment to deploy our services

This very hands-on course contains extensive exercises that will take you through all the steps involved in creating a successful identity solution.

Target audience

Developers who want to learn step-by-step how to securely deploy an IdentityServer solution to the internet. If you are using any of the previous versions of IdentityServer, this course is still very relevant, as many of the core concepts are the same. 



3 days. This course can either be delivered over 3 full days or 6 half days.

Practical information

Some practical details that can be good to know:

  • We recommend that you have a suitable laptop that can run multiple instances of Visual Studio and at least one big monitor for the optimal experience
  • You need to have Visual Studio 2022 version 17.4 or higher installed
  • In this course, we use ASP.NET Core 7 and IdentityServer 6
  • All course materials are written in English
  • The course can be taught in either Swedish or English
  • Though this course deals with the cloud and containers, it is not the focus of this course, and no cloud/container experience is needed


In this course, we will cover the following:

  • Configuration
  • HTTPS certificates
  • Security
  • Logging
  • Duende IdentityServer
  • Error handling
  • Securing the client
  • Data Protection API
  • Public/Private key encryption
  • Keys, certificates, and PKCS 12 files
  • Creating JWT signing keys using OpenSSL
  • Token signing keys
  • IdentityServer and the database
  • User management
  • Tokens and claims
  • Securing the API
  • Consuming the API
  • Refresh tokens
  • Extending IdentityServer
  • Performance and service resiliency
  • Troubleshooting IdentityServer

And much more…

IdentityServer in Production

Article SKU

3 days or 6 half days


English, Swedish

Contact me for a price enquiry or to submit interest.

Training FAQs

Do you provide both on-site and remote training classes?

Yes, we provide both on-site and remote types of training.

Do you provide training in both Swedish and English?

Yes, both Swedish and English are available. All our course materials are in English and we can teach the class in either Swedish or English.

Do you do half-day training?

For remote training, we have options for both half and full days. When we run trainings on-site, we usually do full-day classes.

Do you do webinars and shorter talks?

Yes, please visit our Talks page for more details.

Do you provide customized courses?

Yes we do that. Contact me for more information.