dotnet
diff --git a/‎.openpublishing.redirection.core.json‎
Lines changed: 4 additions & 0 deletions b/‎.openpublishing.redirection.core.json‎
Lines changed: 4 additions & 0 deletions
diff --git a/‎docs/architecture/cloud-native/identity-server.md‎
Lines changed: 41 additions & 46 deletions b/‎docs/architecture/cloud-native/identity-server.md‎
Lines changed: 41 additions & 46 deletions
diff --git a/‎docs/azure/includes/dotnet-all.md‎
Lines changed: 1 addition & 1 deletion b/‎docs/azure/includes/dotnet-all.md‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎docs/azure/includes/dotnet-new.md‎
Lines changed: 1 addition & 1 deletion b/‎docs/azure/includes/dotnet-new.md‎
Lines changed: 1 addition & 1 deletion
@@ -342,6 +342,10 @@
             "source_path_from_root": "/docs/core/compatibility/windows-forms/8.0/anchor-layout.md",
             "redirect_url": "/dotnet/core/compatibility/8.0"
         },
+        {
+            "source_path_from_root": "/docs/core/compatibility/windows-forms/9.0/statusstrip-renderer.md",
+            "redirect_url": "/dotnet/core/compatibility/9.0"
+        },
         {
             "source_path_from_root": "/docs/core/deploying/applications.md",
             "redirect_url": "/dotnet/core/deploying/index"
 
@@ -1,7 +1,7 @@
 ---
 title: IdentityServer for Cloud Native Apps
 description: Architecting Cloud Native .NET Apps for Azure | IdentityServer
-ms.date: 04/06/2022
+ms.date: 02/06/2025
 ---
 
 # IdentityServer for cloud-native applications
@@ -26,7 +26,7 @@ Typically, applications need to support some or all of the following scenarios:
 
 In each of these scenarios, the exposed functionality needs to be secured against unauthorized use. At a minimum, this typically requires authenticating the user or principal making a request for a resource. This authentication may use one of several common protocols such as SAML2p, WS-Fed, or OpenID Connect. Communicating with APIs typically uses the OAuth2 protocol and its support for security tokens. Separating these critical cross-cutting security concerns and their implementation details from the applications themselves ensures consistency and improves security and maintainability. Outsourcing these concerns to a dedicated product like IdentityServer helps the requirement for every application to solve these problems itself.
 
-IdentityServer provides middleware that runs within an ASP.NET Core application and adds support for OpenID Connect and OAuth2 (see [supported specifications](https://docs.duendesoftware.com/identityserver/v6/overview/specs/)). Organizations would create their own ASP.NET Core app using IdentityServer middleware to act as the STS for all of their token-based security protocols. The IdentityServer middleware exposes endpoints to support standard functionality, including:
+IdentityServer provides middleware that runs within an ASP.NET Core application and adds support for OpenID Connect and OAuth2 (see [supported specifications](https://docs.duendesoftware.com/identityserver/v7/overview/specs/)). Organizations would create their own ASP.NET Core app using IdentityServer middleware to act as the STS for all of their token-based security protocols. The IdentityServer middleware exposes endpoints to support standard functionality, including:
 
 - Authorize (authenticate the end user)
 - Token (request a token programmatically)
@@ -39,71 +39,66 @@ IdentityServer provides middleware that runs within an ASP.NET Core application
 
 ## Getting started
 
-IdentityServer4 is available under dual license:  
+IdentityServer is available:  
 
-* RPL - lets you use the IdentityServer4 free if used in open-source work
-* Paid - lets you use the IdentityServer4 in a commercial scenario
+* With a community license, which lets you use the [IdentityServer free for small companies and non-profits](https://duendesoftware.com/products/communityedition) (conditions apply)
+* Paid, which lets you use the IdentityServer [in a commercial scenario](https://duendesoftware.com/products/identityserver)
 
 For more information about pricing, see the official product's [pricing page](https://duendesoftware.com/products/identityserver).
 
-You can add it to your applications using its NuGet packages. The main package is [IdentityServer4](https://www.nuget.org/packages/IdentityServer4/), which has been downloaded over four million times. The base package doesn't include any user interface code and only supports in-memory configuration. To use it with a database, you'll also want a data provider like [IdentityServer4.EntityFramework](https://www.nuget.org/packages/IdentityServer4.EntityFramework), which uses Entity Framework Core to store configuration and operational data for IdentityServer. For user interface, you can copy files from the [Quickstart UI repository](https://github.com/IdentityServer/IdentityServer4.Quickstart.UI) into your ASP.NET Core MVC application to add support for sign in and sign out using IdentityServer middleware.
+You can add it to your applications using its NuGet packages. The main package is [IdentityServer](https://www.nuget.org/packages/Duende.IdentityServer/), which has been downloaded over four million times. The base package doesn't include any user interface code and only supports in-memory configuration. To use it with a database, you'll also want a data provider like [Duende.IdentityServer.Storage](https://www.nuget.org/packages/Duende.IdentityServer.Storage), which uses Entity Framework Core to store configuration and operational data for IdentityServer. For user interface, you can copy files from the [Quickstart UI repository](https://github.com/DuendeSoftware/IdentityServer.Quickstart.UI) into your ASP.NET Core MVC application to add support for sign in and sign out using IdentityServer middleware.
 
 ## Configuration
 
-IdentityServer supports different kinds of protocols and social authentication providers that can be configured as part of each custom installation. This is typically done in the ASP.NET Core application's `Program` class (or in the `Startup` class in the `ConfigureServices` method). The configuration involves specifying the supported protocols and the paths to the servers and endpoints that will be used. Figure 8-2 shows an example configuration taken from the IdentityServer4 Quickstart UI project:
+IdentityServer supports different kinds of protocols and social authentication providers that can be configured as part of each custom installation. This is typically done in the ASP.NET Core application's `Program` class (or in the `Startup` class in the `ConfigureServices` method). The configuration involves specifying the supported protocols and the paths to the servers and endpoints that will be used. Figure 8-2 shows an example configuration taken from the [IdentityServer Quickstart for ASP.NET Core applications](https://docs.duendesoftware.com/identityserver/v7/quickstarts/2_interactive/) project:
 
 ```csharp
-public class Startup
-{
-    public void ConfigureServices(IServiceCollection services)
+// some details omitted
+builder.Services.AddIdentityServer();
+
+builder.Services.AddAuthentication(options =>
+    {
+        options.DefaultScheme = "Cookies";
+        options.DefaultChallengeScheme = "oidc";
+    })
+    .AddCookie("Cookies")
+    .AddGoogle("Google", options =>
+    {
+        options.SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme;
+
+        options.ClientId = "<insert here>";
+        options.ClientSecret = "<insert here>";
+    })
+    .AddOpenIdConnect("oidc", options =>
     {
-        services.AddMvc();
-
-        // some details omitted
-        services.AddIdentityServer();
-
-          services.AddAuthentication()
-            .AddGoogle("Google", options =>
-            {
-                options.SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme;
-
-                options.ClientId = "<insert here>";
-                options.ClientSecret = "<insert here>";
-            })
-            .AddOpenIdConnect("demoidsrv", "IdentityServer", options =>
-            {
-                options.SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme;
-                options.SignOutScheme = IdentityServerConstants.SignoutScheme;
-
-                options.Authority = "https://demo.identityserver.io/";
-                options.ClientId = "implicit";
-                options.ResponseType = "id_token";
-                options.SaveTokens = true;
-                options.CallbackPath = new PathString("/signin-idsrv");
-                options.SignedOutCallbackPath = new PathString("/signout-callback-idsrv");
-                options.RemoteSignOutPath = new PathString("/signout-idsrv");
-
-                options.TokenValidationParameters = new TokenValidationParameters
-                {
-                    NameClaimType = "name",
-                    RoleClaimType = "role"
-                };
-            });
-    }
+        options.Authority = "https://localhost:5001";
+
+        options.ClientId = "web";
+        options.ClientSecret = "secret";
+        options.ResponseType = "code";
+
+        options.Scope.Clear();
+        options.Scope.Add("openid");
+        options.Scope.Add("profile");
+
+        options.MapInboundClaims = false; // Don't rename claim types
+
+        options.SaveTokens = true;
+    });
 }
 ```
 
 **Figure 8-2**. Configuring IdentityServer.
 
 ## JavaScript clients
 
-Many cloud-native applications use server-side APIs and rich client single page applications (SPAs) on the front end. IdentityServer ships a [JavaScript client](https://docs.duendesoftware.com/identityserver/v6/quickstarts/js_clients/) (`oidc-client.js`) via NPM that can be added to SPAs to enable them to use IdentityServer for sign in, sign out, and token-based authentication of web APIs.
+Many cloud-native applications use server-side APIs and rich client single page applications (SPAs) on the front end. IdentityServer ships a [JavaScript client](https://docs.duendesoftware.com/identityserver/v7/quickstarts/js_clients/) (`oidc-client.js`) via NPM that can be added to SPAs to enable them to use IdentityServer for sign in, sign out, and token-based authentication of web APIs. In addition, you can use a [backend-for-frontend (BFF)](https://docs.duendesoftware.com/identityserver/v7/quickstarts/js_clients/js_with_backend/) that implements all of the security protocol interactions with the token server and the IETF's [OAuth 2.0 for Browser-Based Applications spec](https://datatracker.ietf.org/doc/html/draft-ietf-oauth-browser-based-apps).
 
 ## References
 
-- [IdentityServer documentation](https://docs.duendesoftware.com/identityserver/v6/)
+- [IdentityServer documentation](https://docs.duendesoftware.com/identityserver/v7/)
 - [Application types](/azure/active-directory/develop/app-types)
-- [JavaScript OIDC client](https://docs.duendesoftware.com/identityserver/v6/quickstarts/js_clients/)
+- [JavaScript OIDC client](https://docs.duendesoftware.com/identityserver/v7/quickstarts/js_clients/)
 
 >[!div class="step-by-step"]
 >[Previous](azure-active-directory.md)
 
@@ -118,7 +118,7 @@
 | WCF Storage Queues | NuGet [1.0.0-beta.1](https://www.nuget.org/packages/Microsoft.WCF.Azure.StorageQueues/1.0.0-beta.1) | [docs](/dotnet/api/overview/azure/Microsoft.WCF.Azure.StorageQueues-readme?view=azure-dotnet-preview&amp;preserve-view=true) | GitHub [1.0.0-beta.1](https://github.com/Azure/azure-sdk-for-net/tree/Microsoft.WCF.Azure.StorageQueues_1.0.0-beta.1/sdk/extension-wcf/Microsoft.WCF.Azure.StorageQueues/) |
 | Web PubSub | NuGet [1.4.0](https://www.nuget.org/packages/Azure.Messaging.WebPubSub/1.4.0) | [docs](/dotnet/api/overview/azure/Messaging.WebPubSub-readme) | GitHub [1.4.0](https://github.com/Azure/azure-sdk-for-net/tree/Azure.Messaging.WebPubSub_1.4.0/sdk/webpubsub/Azure.Messaging.WebPubSub/) |
 | Web PubSub Client | NuGet [1.0.0](https://www.nuget.org/packages/Azure.Messaging.WebPubSub.Client/1.0.0) | [docs](/dotnet/api/overview/azure/Messaging.WebPubSub.Client-readme) | GitHub [1.0.0](https://github.com/Azure/azure-sdk-for-net/tree/Azure.Messaging.WebPubSub.Client_1.0.0/sdk/webpubsub/Azure.Messaging.WebPubSub.Client/) |
-| Azure client library integration for ASP.NET Core | NuGet [1.9.0](https://www.nuget.org/packages/Microsoft.Extensions.Azure/1.9.0) | [docs](/dotnet/api/overview/azure/Microsoft.Extensions.Azure-readme) | GitHub [1.9.0](https://github.com/Azure/azure-sdk-for-net/tree/Microsoft.Extensions.Azure_1.9.0/sdk/extensions/Microsoft.Extensions.Azure/) |
+| Azure client library integration for ASP.NET Core | NuGet [1.10.0](https://www.nuget.org/packages/Microsoft.Extensions.Azure/1.10.0) | [docs](/dotnet/api/overview/azure/Microsoft.Extensions.Azure-readme) | GitHub [1.10.0](https://github.com/Azure/azure-sdk-for-net/tree/Microsoft.Extensions.Azure_1.10.0/sdk/extensions/Microsoft.Extensions.Azure/) |
 | Blob Storage Key Store for .NET Data Protection | NuGet [1.4.0](https://www.nuget.org/packages/Azure.Extensions.AspNetCore.DataProtection.Blobs/1.4.0) | [docs](/dotnet/api/overview/azure/Extensions.AspNetCore.DataProtection.Blobs-readme) | GitHub [1.4.0](https://github.com/Azure/azure-sdk-for-net/tree/Azure.Extensions.AspNetCore.DataProtection.Blobs_1.4.0/sdk/extensions/Azure.Extensions.AspNetCore.DataProtection.Blobs/) |
 | CloudNative CloudEvents with Event Grid  | NuGet [1.0.0](https://www.nuget.org/packages/Microsoft.Azure.Messaging.EventGrid.CloudNativeCloudEvents/1.0.0) | [docs](/dotnet/api/overview/azure/Microsoft.Azure.Messaging.EventGrid.CloudNativeCloudEvents-readme) | GitHub [1.0.0](https://github.com/Azure/azure-sdk-for-net/tree/Microsoft.Azure.Messaging.EventGrid.CloudNativeCloudEvents_1.0.0/sdk/eventgrid/Microsoft.Azure.Messaging.EventGrid.CloudNativeCloudEvents/) |
 | Core - Client - Spatial | NuGet [1.1.0](https://www.nuget.org/packages/Microsoft.Azure.Core.Spatial/1.1.0)<br>NuGet [1.2.0-beta.1](https://www.nuget.org/packages/Microsoft.Azure.Core.Spatial/1.2.0-beta.1) | [docs](/dotnet/api/overview/azure/Microsoft.Azure.Core.Spatial-readme) | GitHub [1.1.0](https://github.com/Azure/azure-sdk-for-net/tree/Microsoft.Azure.Core.Spatial_1.1.0/sdk/core/Microsoft.Azure.Core.Spatial/)<br>GitHub [1.2.0-beta.1](https://github.com/Azure/azure-sdk-for-net/tree/Microsoft.Azure.Core.Spatial_1.2.0-beta.1/sdk/core/Microsoft.Azure.Core.Spatial/) |
 
@@ -123,7 +123,7 @@
 | WCF Storage Queues | NuGet [1.0.0-beta.1](https://www.nuget.org/packages/Microsoft.WCF.Azure.StorageQueues/1.0.0-beta.1) | [docs](/dotnet/api/overview/azure/Microsoft.WCF.Azure.StorageQueues-readme?view=azure-dotnet-preview&amp;preserve-view=true) | GitHub [1.0.0-beta.1](https://github.com/Azure/azure-sdk-for-net/tree/Microsoft.WCF.Azure.StorageQueues_1.0.0-beta.1/sdk/extension-wcf/Microsoft.WCF.Azure.StorageQueues/) |
 | Web PubSub | NuGet [1.4.0](https://www.nuget.org/packages/Azure.Messaging.WebPubSub/1.4.0) | [docs](/dotnet/api/overview/azure/Messaging.WebPubSub-readme) | GitHub [1.4.0](https://github.com/Azure/azure-sdk-for-net/tree/Azure.Messaging.WebPubSub_1.4.0/sdk/webpubsub/Azure.Messaging.WebPubSub/) |
 | Web PubSub Client | NuGet [1.0.0](https://www.nuget.org/packages/Azure.Messaging.WebPubSub.Client/1.0.0) | [docs](/dotnet/api/overview/azure/Messaging.WebPubSub.Client-readme) | GitHub [1.0.0](https://github.com/Azure/azure-sdk-for-net/tree/Azure.Messaging.WebPubSub.Client_1.0.0/sdk/webpubsub/Azure.Messaging.WebPubSub.Client/) |
-| Azure client library integration for ASP.NET Core | NuGet [1.9.0](https://www.nuget.org/packages/Microsoft.Extensions.Azure/1.9.0) | [docs](/dotnet/api/overview/azure/Microsoft.Extensions.Azure-readme) | GitHub [1.9.0](https://github.com/Azure/azure-sdk-for-net/tree/Microsoft.Extensions.Azure_1.9.0/sdk/extensions/Microsoft.Extensions.Azure/) |
+| Azure client library integration for ASP.NET Core | NuGet [1.10.0](https://www.nuget.org/packages/Microsoft.Extensions.Azure/1.10.0) | [docs](/dotnet/api/overview/azure/Microsoft.Extensions.Azure-readme) | GitHub [1.10.0](https://github.com/Azure/azure-sdk-for-net/tree/Microsoft.Extensions.Azure_1.10.0/sdk/extensions/Microsoft.Extensions.Azure/) |
 | Blob Storage Key Store for .NET Data Protection | NuGet [1.4.0](https://www.nuget.org/packages/Azure.Extensions.AspNetCore.DataProtection.Blobs/1.4.0) | [docs](/dotnet/api/overview/azure/Extensions.AspNetCore.DataProtection.Blobs-readme) | GitHub [1.4.0](https://github.com/Azure/azure-sdk-for-net/tree/Azure.Extensions.AspNetCore.DataProtection.Blobs_1.4.0/sdk/extensions/Azure.Extensions.AspNetCore.DataProtection.Blobs/) |
 | CloudNative CloudEvents with Event Grid  | NuGet [1.0.0](https://www.nuget.org/packages/Microsoft.Azure.Messaging.EventGrid.CloudNativeCloudEvents/1.0.0) | [docs](/dotnet/api/overview/azure/Microsoft.Azure.Messaging.EventGrid.CloudNativeCloudEvents-readme) | GitHub [1.0.0](https://github.com/Azure/azure-sdk-for-net/tree/Microsoft.Azure.Messaging.EventGrid.CloudNativeCloudEvents_1.0.0/sdk/eventgrid/Microsoft.Azure.Messaging.EventGrid.CloudNativeCloudEvents/) |
 | Core - Client - Spatial | NuGet [1.1.0](https://www.nuget.org/packages/Microsoft.Azure.Core.Spatial/1.1.0)<br>NuGet [1.2.0-beta.1](https://www.nuget.org/packages/Microsoft.Azure.Core.Spatial/1.2.0-beta.1) | [docs](/dotnet/api/overview/azure/Microsoft.Azure.Core.Spatial-readme) | GitHub [1.1.0](https://github.com/Azure/azure-sdk-for-net/tree/Microsoft.Azure.Core.Spatial_1.1.0/sdk/core/Microsoft.Azure.Core.Spatial/)<br>GitHub [1.2.0-beta.1](https://github.com/Azure/azure-sdk-for-net/tree/Microsoft.Azure.Core.Spatial_1.2.0-beta.1/sdk/core/Microsoft.Azure.Core.Spatial/) |