05 Install Security Gateway

Security Gateway With Identity Service

Identity Service runs as a separate web application and provides Single-Sign-On (SSO) for ASP.NET Core applications using Open ID connect. It is hosted in a docker container in an Azure Kubernetes Service (AKS) Linux cluster.

It can be used as a gateway in a microservices architecture to provide identity services and to secure web APIs. Identity Service uses the Client Credentials flow to protect ASP.NET Core Web APIs.

You can also use it to provide authorized access to pages in you web application such as “Admin” pages. It provides a simple mechanism to manage users, roles and claims for ASP.NET Core Identity.

All the tasks carried out in Identity Service are done through a simple and intuitive web UI dashboard.


Identity Service requires the following:

Azure SQL Database

Identity Service stores its data in a SQL Database. Install an Azure SQL Database in your azure account or use an existing database and copy the following for use later on :

For detailed instructions on creating an Azure SQL Database, refer to the Azure SQL Server Documentation

SendGrid Email Service

Identity Service requires verification of emails when a user first registers. We use the SendGrid email service for this. Install SendGrid in your Azure account or use an existing installation and copy the SendGrid API Key for use later on. For detailed instructions, refer to the Azure Send Grid Documentation

Install Identity Service

Add the ‘rcl-apps’ Helm repository

helm repo add rcl-apps https://rcladmin.github.io/helm-charts

Update the Helm repository

helm repo update

Run the following command to install Identity Service. Replace the [placeholder] text with your data.

helm install rcl-apps/identityservice --set dbServerName=[db-server-name] --set dbName=[dbname] --set dbUserName=[db-username] --set dbPassword=[db-password] --set sendgridKey=[sendgrid-api-key] --set adminEmail=[admin-email] --set host=[dns-name]

An example of the command with sample values is as follows :

helm install rcl-apps/identityservice --set dbServerName=contoso.database.windows.net --set dbName=contosodb --set dbUserName=contosoadmin --set dbPassword=dffrtwedsfd --set sendgridKey=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 --set adminEmail=contoso@mail.com --set host=contoso.eastus.cloudapp.azure.com

When Identity Service is installed, you can navigate to the site at https://«your-dns-name»/identitysvc


Next Steps

The next article in this website will walk you through creating an Azure Service Bus messaging service.

Next Article : Messaging Service