IdentityModel Extensions for .NET

Nuget

The IdentityModel Extensions for .NET library provides robust tools to enhance authentication and authorization workflows in your .NET applications. Backed by the Entra team, this library simplifies working with OpenID Connect (OIDC), OAuth2.0, and JSON Web Tokens (JWT) in .NET.

Whether you're building secure APIs, implementing token validation, or managing claims, this library is designed to handle the heavy lifting for you.

Why IdentityModel?

  • Widely Adopted: Trusted by thousands of developers to integrate OIDC and OAuth2.0 standards.
  • Secure by Design: Built with security as a priority to reduce common vulnerabilities.
  • Extensible: Easily extend or customize for advanced use cases.
  • Battle hardened: Validates 5+ trillion requests daily, and growing.

Versions

You can find the release notes for each version here. Older versions can be found here.

Version Lifecycle and Support Matrix

See Long Term Support policy for details.

Major Version Currently Supported Version Status
8.x from 8.0.1 to Nuget Active (Current) - Tied to .NET 9 (STS) & 10 (LTS) ~ Nov, 2028
7.x 7.7.1 Supported (LTS) through .NET 8 LTS lifetime Nov 10, 2026.<br/>⚠️Versions < 7.7.1 not supported.
5.x 5.7.0 Supported (LTS), tied to the Microsoft.Owin.Security.JWT 4.2.2 lifetime.<br/>⚠️Versions < 5.7.0 not supported.

IdentityModel 8.x

Version 8.x introduces significant updates and improvements:

  • Enhanced Performance: Optimized token validation to handle high-throughput scenarios.
  • .NET Compatibility: Fully compatible with .NET 9.

🧭LTS: Supported through .NET 9 LTS lifetime: May 12, 2026 + .NET 10 LTS (~3 years).

IdentityModel 7.x

IdentityModel 7x introduced several improvements related to serialization and consistency in the API, which provide a better user experience for developers, as well as full AOT compatibility on .NET, and considerable performance improvements compared to IdentityModel 6x.

🧭LTS: Supported through .NET 8 LTS lifetime: Nov 10, 2026.

⚡Recommendation: Move to 8.x.

IdentityModel 6.x

🧭Deprecated: Support ended with .NET 7 LTS lifetime: May 2024.

⚡Action: Move to 8.x.

IdentityModel 5.x

Not a recommended version

🧭LTS: Supported for Microsoft.Owin.Security.JWT

⚡Action: Move to 8.x.

Samples and Documentation

The scenarios supported by IdentityModel extensions for .NET are described in Scenarios. The libraries are in particular used part of ASP.NET security to validate tokens in ASP.NET Web Apps and Web APIs. To learn more about token validation, and find samples, see:

Community Help and Support

Report a bug or request a feature directly in the GitHub repo.

Have a design proposal? Please submit a design proposal before starting work on a PR to ensure it means the goals/objectives of this library and it's priorities.

We leverage Stack Overflow to work with the community on supporting Microsoft Entra and its SDKs, including this one! We highly recommend you ask your questions on Stack Overflow (we're all on there!) Also browse existing issues to see if someone has had your question before.

We recommend you use the "identityModel" tag so we can see it! Here is the latest Q&A on Stack Overflow for IdentityModel: https://stackoverflow.com/questions/tagged/identityModel

Security Reporting

See SECURITY.md

Contributing

All code is licensed under the MIT license and we triage actively on GitHub. We enthusiastically welcome contributions and feedback. See Contributing.md for guidelines, branch information, build instructions, and legalese.

License

Copyright (c) Microsoft Corporation. All rights reserved. Licensed under the MIT License (the "License");

We Value and Adhere to the Microsoft Open Source Code of Conduct

This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.

Product Compatible and additional computed target framework versions.
.NET net5.0 was computed.  net5.0-windows was computed.  net6.0 is compatible.  net6.0-android was computed.  net6.0-ios was computed.  net6.0-maccatalyst was computed.  net6.0-macos was computed.  net6.0-tvos was computed.  net6.0-windows was computed.  net7.0 was computed.  net7.0-android was computed.  net7.0-ios was computed.  net7.0-maccatalyst was computed.  net7.0-macos was computed.  net7.0-tvos was computed.  net7.0-windows was computed.  net8.0 is compatible.  net8.0-android was computed.  net8.0-browser was computed.  net8.0-ios was computed.  net8.0-maccatalyst was computed.  net8.0-macos was computed.  net8.0-tvos was computed.  net8.0-windows was computed.  net9.0 is compatible.  net9.0-android was computed.  net9.0-browser was computed.  net9.0-ios was computed.  net9.0-maccatalyst was computed.  net9.0-macos was computed.  net9.0-tvos was computed.  net9.0-windows was computed.  net10.0 is compatible.  net10.0-android was computed.  net10.0-browser was computed.  net10.0-ios was computed.  net10.0-maccatalyst was computed.  net10.0-macos was computed.  net10.0-tvos was computed.  net10.0-windows was computed. 
.NET Core netcoreapp2.0 was computed.  netcoreapp2.1 was computed.  netcoreapp2.2 was computed.  netcoreapp3.0 was computed.  netcoreapp3.1 was computed. 
.NET Standard netstandard2.0 is compatible.  netstandard2.1 was computed. 
.NET Framework net461 was computed.  net462 is compatible.  net463 was computed.  net47 was computed.  net471 was computed.  net472 is compatible.  net48 was computed.  net481 was computed. 
MonoAndroid monoandroid was computed. 
MonoMac monomac was computed. 
MonoTouch monotouch was computed. 
Tizen tizen40 was computed.  tizen60 was computed. 
Xamarin.iOS xamarinios was computed. 
Xamarin.Mac xamarinmac was computed. 
Xamarin.TVOS xamarintvos was computed. 
Xamarin.WatchOS xamarinwatchos was computed. 

NuGet packages (115)

Showing the top 5 NuGet packages that depend on Microsoft.IdentityModel.Protocols:

Package Downloads
Microsoft.IdentityModel.Protocols.OpenIdConnect

Includes types that provide support for OpenIdConnect protocol.
Microsoft.IdentityModel.Validators

Includes types that provide token validators.
Microsoft.IdentityModel.Protocols.WsFederation

Includes types that provide support for WsFederation protocol.
Microsoft.Owin.Security.OpenIdConnect

Middleware that enables an application to use OpenIdConnect for authentication.
OpenIddict.Validation

OpenIddict token validation services. Note: this package only contains the generic/host-agnostic validation components. To use the validation feature on ASP.NET Core or OWIN/Katana, reference the OpenIddict.Validation.AspNetCore or OpenIddict.Validation.Owin package.

GitHub repositories (42)

Showing the top 20 popular GitHub repositories that depend on Microsoft.IdentityModel.Protocols:

Repository Stars
chocolatey/choco

Chocolatey - the package manager for Windows

openiddict/openiddict-core

Flexible and versatile OAuth 2.0/OpenID Connect stack for .NET

netwrix/pingcastle

PingCastle - Get Active Directory Security at 80% in 20% of the time

OrchardCMS/Orchard

Orchard is a free, open source, community-focused Content Management System built on the ASP.NET MVC platform.

Azure/azure-functions-host

The host/runtime that powers Azure Functions

scottksmith95/LINQKit

LINQKit is a free set of extensions for LINQ to SQL and Entity Framework power users.

cloudscribe/cloudscribe

ASP.NET Core multi-tenant web application foundation with management for sites, users, roles, claims and more

OfficeDev/Microsoft-Teams-Samples

Welcome to the Microsoft Teams samples repository. Here you will find task-focused samples in C#, JavaScript and TypeScript to help you get started with the Microsoft Teams App!

Azure/data-api-builder

Data API builder provides modern REST and GraphQL endpoints to your Azure Databases and on-prem stores.

UiPath/CoreWF

WF runtime ported to work on .NET 6

aspnet/AspNetKatana

Microsoft's OWIN implementation, the Katana project

azure-ad-b2c/samples

Azure AD B2C custom policy solutions and samples.

Kyrodan/KeeAnywhere

A cloud storage provider plugin for KeePass Password Safe

cmu-sei/GHOSTS

GHOSTS is a realistic user simulation framework for cyber experimentation, simulation, training, and exercise

ProfessionalCSharp/ProfessionalCSharp7

Code samples for the book Professional C# 7 and .NET Core 2.0 (with updates for 2.1), Wrox Press

microsoft/SqlNexus

SQL Nexus is a tool that helps you identify the root cause of SQL Server performance issues. It loads and analyzes performance data collected by SQL LogScout, SQLDiag or PSSDiag. It can dramatically reduce the amount of time you spend manually analyzing data.

ergulkizilkaya/ReCapProject
trimble-oss/dba-dash

DBA Dash - SQL Server Monitoring Tool

microsoft/BotFramework-BlogSamples

Welcome to the Bot Framework samples repository. Here you will find sample bots that take advantage of Bot Framework capabilities.

Syslifters/offsec-tools

Compiled tools for internal assessments

Version Downloads Last Updated
8.16.0 199,316 2/13/2026
8.15.0 7,981,254 11/18/2025
8.14.0 13,663,264 8/15/2025
8.13.1 970,811 8/8/2025
8.13.0 2,405,436 7/21/2025
8.12.1 6,316,641 6/17/2025
8.12.0 3,829,142 6/3/2025
8.11.0 2,238,399 5/23/2025
8.10.0 1,503,984 5/15/2025
8.9.0 4,970,837 4/24/2025
8.8.0 8,254,631 4/8/2025
8.7.0 3,748,481 3/21/2025
8.6.1 16,855,341 3/7/2025
8.6.0 1,604,330 2/22/2025
8.5.0 1,911,019 2/15/2025
8.4.0 2,648,240 2/7/2025
8.3.1 9,262,358 1/17/2025
8.3.0 10,915,333 12/4/2024
8.2.1 5,255,936 11/15/2024
8.2.0 11,125,201 11/2/2024