Skip to content

Identity Backend Template — organizational overview

The Identity Backend template is the user directory for the platform: accounts, roles, claims, and lifecycle operations that other services rely on. It pairs with the Authorization Server for OAuth/OIDC token issuance and with the API Gateway for secure API access.

Why use this template

  • Single source of truth for people (and often service accounts) across products—fewer “shadow directories” and conflicting profile models.
  • Security baseline aligned with ConnectSoft’s template program: account lifecycle, lockout, MFA-friendly patterns, and audit-friendly operations.
  • SaaS readiness: when configured for multi-tenancy, identity concerns stay explicit instead of being bolted on later under pressure.
  • Faster delivery of customer-facing apps that need sign-in, admin UIs, and integration with the rest of the ConnectSoft stack.

Typical use cases

  • Employee or customer portals where profiles, roles, and admin workflows are first-class.
  • B2B or partner ecosystems that need stable identity APIs behind a gateway and an authorization server.
  • Product suites that must reuse the same identity service across multiple bounded contexts without duplicating ASP.NET Identity wiring in every repo.

Capabilities (what you get)

  • Domain-oriented structure around identity and access data, not a one-file sample app—suitable for long-lived products.
  • Integration-shaped defaults for working with an Authorization Server and API Gateway as part of a standard security story.
  • Operational parity with other Layer 3 templates (health, configuration patterns, observability hooks via Base Template conventions).
  • Extensibility points for branding, policies, and product-specific claims without forking security fundamentals.

Identity platform alignment

Within the ConnectSoft identity platform, this template owns the identity data boundary: users, profiles, credentials, MFA, recovery, roles, claims, tenant membership, external provider links, and account lifecycle. It does not own OAuth/OIDC signing keys, gateway routing, or final resource-server business authorization.

Technical documentation (single hub)

Domain boundaries, Identity integration, scaffolding, solution layout, architecture, parameters, configuration, authentication, resilience, testing, development guidance, detailed use cases, and runbooks are only in ConnectSoft.Documentation under this template.

Identity Backend — technical hub (ConnectSoft.Documentation)

Identity Platform Contracts (ConnectSoft.Documentation)