<ul data-eligibleForWebStory="true"><li>This post explores the implementation of an OpenID Connect client in ASP.NET Core with Keycloak to enforce a level of authentication (LoA) using Aspire hosting platform.</li><li>Keycloak is utilized to set up the OpenID Connect server and enforce authentication requirements, such as LoA1, LoA2, and LoA3.</li><li>The arc_values claim is employed to specify the LoA requirement to Keycloak, with the OnRedirectToIdentityProvider method used to set this value.</li><li>It's crucial to validate the returned level of authentication and the amr claim while implementing this setup to ensure compatibility with different identity providers.</li></ul>

Implement ASP.NET Core OpenID Connect with Keykloak to implement Level of Authentication (LoA) requirements

Discover more