Skills
.Work. You
Rest

identity-security-hardening

Official

End-to-end hardening for IdentityServer.

Software Engineering#csp#rate-limiting#cors#oauth2#tls#security-hardening#identityserver
AuthorDuendeSoftware
Version1.0.0
Installs0

System Documentation

What problem does it solve?

Security hardening for Duende IdentityServer deployments, covering TLS, key management, CSP, CORS, rate limiting, token lifetimes, PKCE, and session controls to reduce attack surface.

Core Features & Use Cases

  • Comprehensive guidance for production-grade IdentityServer hardening across transport, keys, tokens, and UI.
  • Practical patterns for HTTPS/HSTS, key rotation, CSP/CORS, rate limiting, and back-channel logout.
  • Use Case: Security-conscious deployments requiring RFC-aligned security patterns and compliance-ready configurations.

Quick Start

Read this Skill to implement a multi-pattern hardening plan in a live IdentityServer environment.

Dependency Matrix

Required Modules

None required

Components

Standard package

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: identity-security-hardening
Download link: https://github.com/DuendeSoftware/duende-skills/archive/main.zip#identity-security-hardening

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
View Source Repository

Agent Skills Search Helper

Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.