IdentityServer.LdapExtension 1.0.0

There is a newer version of this package available.
See the version list below for details.
Install-Package IdentityServer.LdapExtension -Version 1.0.0
dotnet add package IdentityServer.LdapExtension --version 1.0.0
<PackageReference Include="IdentityServer.LdapExtension" Version="1.0.0" />
For projects that support PackageReference, copy this XML node into the project file to reference the package.
paket add IdentityServer.LdapExtension --version 1.0.0
The NuGet Team does not provide support for this client. Please contact its maintainers for support.
#r "nuget: IdentityServer.LdapExtension, 1.0.0"
#r directive can be used in F# Interactive, C# scripting and .NET Interactive. Copy this into the interactive tool or source code of the script to reference the package.
// Install IdentityServer.LdapExtension as a Cake Addin
#addin nuget:?package=IdentityServer.LdapExtension&version=1.0.0

// Install IdentityServer.LdapExtension as a Cake Tool
#tool nuget:?package=IdentityServer.LdapExtension&version=1.0.0
The NuGet Team does not provide support for this client. Please contact its maintainers for support.

Build status


IdentityServer4 Ldap Extension (OpenLdap or ActiveDirectory).

Table of content


<a name="installation"/>

The plugin is easy to install to your solution. Built using .Net Standard 2.0. The Nuget package can be installed by either searching the package IdentityServer.LdapExtension or by typing the following command in your package console:

Install-Package IdentityServer.LdapExtension

Configuration on IdentityServer4 server

<a name="IS.BaseConfiguration"/>

An easy extension method have been created in order to add the LDAP as a provider to your IdentityServer. For this you simply have to use the AddLdapUsers<TApplicationUser>(LdapConfigSection, StoreTypeOrCustomStore). The configuration has to be provided or it won't work. The configuration is described here.

In the Startup.cs under ConfigureServices method, you will have something similar to the following by default (Starter pack for IdentityServer). The last line is what you will need to add in order to get started.

// ... Code ...
    .AddLdapUsers<OpenLdapAppUser>(Configuration.GetSection("ldap"), UserStore.InMemory);
// ... Code ...

Application User: 2 (OpenLdapAppUser, ActiveDirectoryAppUser) have been provided with this extension, but you can use your own as long as you implement the interface IAppUser. I encourrage you to provide your own implementation. You might want to have claims/roles based on an active directory group or your attributes within LDAP are not the one I have defined.

Store types:

  1. UserStore.InMemory: Can be used when you test locally. It stores the logged in user in memory in order to avoid querying the LDAP server over and over. It is also used in order to store the external logged in user details (Google, Facebook, etc.).
  2. UserStore.Redis: Same as in memory, but is persisted and will be ready when you restart.
  3. ILdapUserStore implementation: Build your own store implementation and pass it as a parameter.

AppSettings Configuration

<a name="IS.AppSettings"/>

The appsettings.json will require a configuration for the extension. Here's an example using OpenLdap:

  "ldap": { // Name can be of your choosing
    "url": "localhost",
    "port": 389,
    "bindDn": "cn=ldap-ro,dc=contoso,dc=com",
    "bindCredentials": "P@ss1W0Rd!",
    "searchBase": "ou=users,DC=contoso,dc=com",
    "searchFilter": "(&(objectClass=posixAccount)(objectClass=person)(uid={0}))"
    // "redis": "localhost:32771,ssl=false", // Required if using UserStore.Redis 

If you want to see a working demo, you can open the implementation available the sample folder. It is based on the QuickStart from IdentityServer4 WebSite.

You don't have a LDAP for your tests?

<a name="Ldap.Test"/>

It's not a big problem. I wrote a small tutorial/article in order to setup an entire OpenLdap server within Docker in order to not pollute your PC and also to avoid relying on network admnistrator. That way you can play with existing users or create your own users directory. The tutorial/article is available at

Features in progress

<a name="NewFeature"/>

I plan to work on the following:

  • Create a demo page using VueJS + Dotnet instead of Angular demo.
  • Implement the SSL
  • Implement a cache invalidation based on time (After x time without being hit, remove from redis or from memory).


  • Me, the author of the package (@Nordes)

Thanks to:

  • @marianahycit


<a name="license"/>


Regarding the IdentityServer4 Sample - Apache 2 (due to original code a bit updated)

NuGet packages

This package is not used by any NuGet packages.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last updated
3.1.0 2,374 4/14/2021
2.1.49 18,186 6/10/2020
2.1.29 12,693 1/29/2020
2.1.13 2,425 11/29/2019
2.1.8 14,874 4/11/2019
2.1.7 2,551 3/5/2019
2.1.0 2,701 12/1/2018
2.0.0 1,674 11/10/2018
1.0.0 2,280 4/22/2018