Modern applications require modern security and the OpenID Connect and OAuth2 security protocols are designed to meet this need. To achieve a modern security architecture you must then use something called a “security token service” that implements these protocols. IdentityServer is a popular open source security token service framework written in ASP.NET Core that implements the OpenID Connect and OAuth2 protocols. It is used to authenticate users via single sign-on and to secure web APIs. It is designed for extensibility and customization and allows applications to satisfy their custom security requirements. It can be used stand-alone or in conjunction with other identity providers (such as Google, Facebook, AAD, ADFS, Auth0, and others). Come to this session to be introduced to the basics of using, hosting, and configuring IdentityServer to secure your applications.