Add README.md files for all basic samples and add them to samples.slnx

IdentityServer/v7/Basics/ClientCredentials/README.md

@@ -0,0 +1,11 @@
+# Client Credentials sample
+
+This sample shows how to use the client_credentials grant type. This is typically used for machine to machine communication.
+
+Key takeaways:
+
+- how to request a token using client credentials
+- how to use a shared secret
+- how to use an access token
+
+ Please take a look [here](https://docs.duendesoftware.com/identityserver/samples) to learn about the structure of our samples and how to run them.

IdentityServer/v7/Basics/Introspection/README.md

@@ -0,0 +1,18 @@
+# Introspection and reference tokens sample
+
+This sample shows how to use the reference tokens instead of JWTs.
+
+### Things of interest:
+
+- the client registration uses AccessTokenType of value Reference
+- the client requests scope2 - this scope is part of an API resource.
+- API resources allow defining API secrets, which can then be used to access the introspection endpoint
+- The API supports both JWT and reference tokens, this is achieved by forwarding the token to the right handler at runtime
+
+### Key takeaways:
+
+- configuring a client to receive reference tokens
+- set up an API resource with an API secret
+- configure an API to accept and validate reference tokens
+
+ Please take a look [here](https://docs.duendesoftware.com/identityserver/samples) to learn about the structure of our samples and how to run them.

IdentityServer/v7/Basics/JwtBasedClientAuthentication/README.md

@@ -0,0 +1,11 @@
+# JWT-based Client Authentication sample
+
+This sample shows how to use the client_credentials grant type with JWT-based client authentication. This authentication method is more recommended than shared secrets.
+
+### Key takeaways:
+
+- create a JWT for client authentication
+- use a JWT as a client secret replacement
+- configure IdentityServer to accept a JWT as a client secret
+
+ Please take a look [here](https://docs.duendesoftware.com/identityserver/samples) to learn about the structure of our samples and how to run them.

IdentityServer/v7/Basics/MvcBackChannelLogout/README.md

@@ -0,0 +1,10 @@
+# MVC Client with Back-Channel Logout Notifications sample
+
+This sample shows how to use back-channel logout notifications.
+
+### Key takeaways:
+
+- how to implement the back-channel notification endpoint
+- how to leverage events on the cookie handler to invalidate the user session
+
+ Please take a look [here](https://docs.duendesoftware.com/identityserver/samples) to learn about the structure of our samples and how to run them.

IdentityServer/v7/Basics/MvcBasic/README.md

@@ -0,0 +1,13 @@
+# MVC Client sample
+
+This sample shows how to use the authorization_code grant type. This is typically used for interactive applications like web applications.
+
+### Key takeaways:
+
+- configure an MVC client to use IdentityServer
+- access tokens in ASP.NET Core’s authentication session
+- call an API
+- manually refresh tokens
+
+
+ Please take a look [here](https://docs.duendesoftware.com/identityserver/samples) to learn about the structure of our samples and how to run them.

IdentityServer/v7/Basics/MvcJarJwt/README.md

@@ -0,0 +1,12 @@
+# MVC Client with JAR and JWT-based Authentication sample
+
+This sample shows how to use signed authorize requests, and JWT-based authentication for clients in MVC. It also shows how to integrate that technique with automatic token management.
+
+### Key takeaways:
+
+- use the ASP.NET Core extensibility points to add signed authorize requests and JWT-based authentication
+- use JWT-based authentication for automatic token management
+- configure a client in IdentityServer to share key material for both front- and back-channel
+
+
+ Please take a look [here](https://docs.duendesoftware.com/identityserver/samples) to learn about the structure of our samples and how to run them.

IdentityServer/v7/Basics/MvcPar/README.md

@@ -0,0 +1,15 @@
+# MVC Client with Pushed Authorization Requests sample
+
+This sample shows how to use Pushed Authorization Requests (PAR).
+
+### Key takeaways:
+
+- how to enable PAR in the client configuration
+- how to add support for PAR to the ASP.NET OIDC authentication handler. The main idea is to use the events in the handler to push the parameters before redirecting to the authorize endpoint, and then replace the parameters that would normally be sent in that redirect with the resulting request uri. See the ParOidcEvents.cs file for more details.
+
+### This sample is only relevant if you’re using .NET 8 or lower.
+
+.NET 9 and higher versions have support for PAR built-in, and the ASP.NET Core OIDC authentication handler will automatically use PAR when the authority supports it, based on the discovery metadata.
+
+
+ Please take a look [here](https://docs.duendesoftware.com/identityserver/samples) to learn about the structure of our samples and how to run them.

IdentityServer/v7/Basics/MvcTokenManagement/README.md

@@ -0,0 +1,14 @@
+# MVC Client with automatic Access Token Management sample
+
+This sample shows how to use Duende.AccessTokenManagement to automatically manage access tokens.
+
+The sample uses a special client in the sample IdentityServer with a short token lifetime (75 seconds). When repeating the API call, make sure you inspect the returned iat and exp claims to observer how the token is slides.
+
+You can also turn on debug tracing to get more insights in the token management library.
+
+### Key takeaways:
+
+- use Duende.AccessTokenManagement to automate refreshing tokens
+
+
+ Please take a look [here](https://docs.duendesoftware.com/identityserver/samples) to learn about the structure of our samples and how to run them.

IdentityServer/v8/Basics/ClientCredentials/README.md

@@ -0,0 +1,11 @@
+# Client Credentials sample
+
+This sample shows how to use the client_credentials grant type. This is typically used for machine to machine communication.
+
+Key takeaways:
+
+- how to request a token using client credentials
+- how to use a shared secret
+- how to use an access token
+
+ Please take a look [here](https://docs.duendesoftware.com/identityserver/samples) to learn about the structure of our samples and how to run them.

IdentityServer/v8/Basics/Introspection/README.md

@@ -0,0 +1,18 @@
+# Introspection and reference tokens sample
+
+This sample shows how to use the reference tokens instead of JWTs.
+
+### Things of interest:
+
+- the client registration uses AccessTokenType of value Reference
+- the client requests scope2 - this scope is part of an API resource.
+- API resources allow defining API secrets, which can then be used to access the introspection endpoint
+- The API supports both JWT and reference tokens, this is achieved by forwarding the token to the right handler at runtime
+
+### Key takeaways:
+
+- configuring a client to receive reference tokens
+- set up an API resource with an API secret
+- configure an API to accept and validate reference tokens
+
+ Please take a look [here](https://docs.duendesoftware.com/identityserver/samples) to learn about the structure of our samples and how to run them.

IdentityServer/v8/Basics/JwtBasedClientAuthentication/README.md

@@ -0,0 +1,11 @@
+# JWT-based Client Authentication sample
+
+This sample shows how to use the client_credentials grant type with JWT-based client authentication. This authentication method is more recommended than shared secrets.
+
+### Key takeaways:
+
+- create a JWT for client authentication
+- use a JWT as a client secret replacement
+- configure IdentityServer to accept a JWT as a client secret
+
+ Please take a look [here](https://docs.duendesoftware.com/identityserver/samples) to learn about the structure of our samples and how to run them.

IdentityServer/v8/Basics/MvcBackChannelLogout/README.md

@@ -0,0 +1,10 @@
+# MVC Client with Back-Channel Logout Notifications sample
+
+This sample shows how to use back-channel logout notifications.
+
+### Key takeaways:
+
+- how to implement the back-channel notification endpoint
+- how to leverage events on the cookie handler to invalidate the user session
+
+ Please take a look [here](https://docs.duendesoftware.com/identityserver/samples) to learn about the structure of our samples and how to run them.

IdentityServer/v8/Basics/MvcBasic/README.md

@@ -0,0 +1,13 @@
+# MVC Client sample
+
+This sample shows how to use the authorization_code grant type. This is typically used for interactive applications like web applications.
+
+### Key takeaways:
+
+- configure an MVC client to use IdentityServer
+- access tokens in ASP.NET Core’s authentication session
+- call an API
+- manually refresh tokens
+
+
+ Please take a look [here](https://docs.duendesoftware.com/identityserver/samples) to learn about the structure of our samples and how to run them.

IdentityServer/v8/Basics/MvcJarJwt/README.md

@@ -0,0 +1,12 @@
+# MVC Client with JAR and JWT-based Authentication sample
+
+This sample shows how to use signed authorize requests, and JWT-based authentication for clients in MVC. It also shows how to integrate that technique with automatic token management.
+
+### Key takeaways:
+
+- use the ASP.NET Core extensibility points to add signed authorize requests and JWT-based authentication
+- use JWT-based authentication for automatic token management
+- configure a client in IdentityServer to share key material for both front- and back-channel
+
+
+ Please take a look [here](https://docs.duendesoftware.com/identityserver/samples) to learn about the structure of our samples and how to run them.

IdentityServer/v8/Basics/MvcPar/README.md

@@ -0,0 +1,15 @@
+# MVC Client with Pushed Authorization Requests sample
+
+This sample shows how to use Pushed Authorization Requests (PAR).
+
+### Key takeaways:
+
+- how to enable PAR in the client configuration
+- how to add support for PAR to the ASP.NET OIDC authentication handler. The main idea is to use the events in the handler to push the parameters before redirecting to the authorize endpoint, and then replace the parameters that would normally be sent in that redirect with the resulting request uri. See the ParOidcEvents.cs file for more details.
+
+### This sample is only relevant if you’re using .NET 8 or lower.
+
+.NET 9 and higher versions have support for PAR built-in, and the ASP.NET Core OIDC authentication handler will automatically use PAR when the authority supports it, based on the discovery metadata.
+
+
+ Please take a look [here](https://docs.duendesoftware.com/identityserver/samples) to learn about the structure of our samples and how to run them.

IdentityServer/v8/Basics/MvcTokenManagement/README.md

@@ -0,0 +1,14 @@
+# MVC Client with automatic Access Token Management sample
+
+This sample shows how to use Duende.AccessTokenManagement to automatically manage access tokens.
+
+The sample uses a special client in the sample IdentityServer with a short token lifetime (75 seconds). When repeating the API call, make sure you inspect the returned iat and exp claims to observer how the token is slides.
+
+You can also turn on debug tracing to get more insights in the token management library.
+
+### Key takeaways:
+
+- use Duende.AccessTokenManagement to automate refreshing tokens
+
+
+ Please take a look [here](https://docs.duendesoftware.com/identityserver/samples) to learn about the structure of our samples and how to run them.

samples.slnx

@@ -206,35 +206,43 @@
   <Folder Name="/IdentityServer/v7/Basics/" />
   <Folder Name="/IdentityServer/v7/Basics/ClientCredentials/">
     <Project Path="IdentityServer/v7/Basics/ClientCredentials/src/Client.csproj" />
+    <File Path="IdentityServer\v7\Basics\ClientCredentials\README.md" />
     <Project Path="IdentityServer/v7/Basics/ClientCredentials/ClientCredentials.AppHost/ClientCredentials.AppHost.csproj" />
   </Folder>
   <Folder Name="/IdentityServer/v7/Basics/Introspection/">
+    <File Path="IdentityServer\v7\Basics\Introspection\README.md" />
     <Project Path="IdentityServer/v7/Basics/Introspection/Introspection.AppHost/Introspection.AppHost.csproj" />
     <Project Path="IdentityServer/v7/Basics/Introspection/src/Client.csproj" />
   </Folder>
   <Folder Name="/IdentityServer/v7/Basics/JwtBasedClientAuthentication/">
     <File Path="IdentityServer\v7\Basics\JwtBasedClientAuthentication\JwtBasedClientAuthentication.slnx" />
     <Project Path="IdentityServer/v7/Basics/JwtBasedClientAuthentication/src/Client.csproj" />
+    <File Path="IdentityServer\v7\Basics\JwtBasedClientAuthentication\README.md" />
     <Project Path="IdentityServer/v7/Basics/JwtBasedClientAuthentication/JwtBasedClientAuthentication.AppHost/JwtBasedClientAuthentication.AppHost.csproj" />
   </Folder>
   <Folder Name="/IdentityServer/v7/Basics/MvcBackChannelLogout/">
+    <File Path="IdentityServer\v7\Basics\MvcBackChannelLogout\README.md" />
     <Project Path="IdentityServer/v7/Basics/MvcBackChannelLogout/MvcBackChannelLogout.AppHost/MvcBackChannelLogout.AppHost.csproj" />
     <Project Path="IdentityServer/v7/Basics/MvcBackChannelLogout/src/Client.csproj" />
   </Folder>
   <Folder Name="/IdentityServer/v7/Basics/MvcBasic/">
+    <File Path="IdentityServer\v7\Basics\MvcBasic\README.md" />
     <Project Path="IdentityServer/v7/Basics/MvcBasic/MvcBasic.AppHost/MvcBasic.AppHost.csproj" />
     <Project Path="IdentityServer/v7/Basics/MvcBasic/src/Client.csproj" />
   </Folder>
   <Folder Name="/IdentityServer/v7/Basics/MvcJarJwt/">
+    <File Path="IdentityServer\v7\Basics\MvcJarJwt\README.md" />
     <Project Path="IdentityServer/v7/Basics/MvcJarJwt/MvcJarJwt.AppHost/MvcJarJwt.AppHost.csproj" />
     <Project Path="IdentityServer/v7/Basics/MvcJarJwt/src/Client.csproj" />
   </Folder>
   <Folder Name="/IdentityServer/v7/Basics/MvcPar/">
     <Project Path="IdentityServer/v7/Basics/MvcPar/src/Client.csproj" />
+    <File Path="IdentityServer\v7\Basics\MvcPar\README.md" />
     <Project Path="IdentityServer/v7/Basics/MvcPar/MvcPar.AppHost/MvcPar.AppHost.csproj" />
   </Folder>
   <Folder Name="/IdentityServer/v7/Basics/MvcTokenManagement/">
     <Project Path="IdentityServer/v7/Basics/MvcTokenManagement/src/Client.csproj" />
+    <File Path="IdentityServer\v7\Basics\MvcTokenManagement\README.md" />
     <Project Path="IdentityServer/v7/Basics/MvcTokenManagement/MvcTokenManagement.AppHost/MvcTokenManagement.AppHost.csproj" />
   </Folder>
   <Folder Name="/IdentityServer/v7/Configuration/" />
@@ -440,35 +448,43 @@
   <Folder Name="/IdentityServer/v8/Basics/" />
   <Folder Name="/IdentityServer/v8/Basics/ClientCredentials/">
     <Project Path="IdentityServer/v8/Basics/ClientCredentials/src/Client.csproj" />
+    <File Path="IdentityServer\v8\Basics\ClientCredentials\README.md" />
     <Project Path="IdentityServer/v8/Basics/ClientCredentials/ClientCredentials.AppHost/ClientCredentials.AppHost.csproj" />
   </Folder>
   <Folder Name="/IdentityServer/v8/Basics/Introspection/">
+    <File Path="IdentityServer\v8\Basics\Introspection\README.md" />
     <Project Path="IdentityServer/v8/Basics/Introspection/Introspection.AppHost/Introspection.AppHost.csproj" />
     <Project Path="IdentityServer/v8/Basics/Introspection/src/Client.csproj" />
   </Folder>
   <Folder Name="/IdentityServer/v8/Basics/JwtBasedClientAuthentication/">
     <File Path="IdentityServer\v8\Basics\JwtBasedClientAuthentication\JwtBasedClientAuthentication.slnx" />
     <Project Path="IdentityServer/v8/Basics/JwtBasedClientAuthentication/src/Client.csproj" />
+    <File Path="IdentityServer\v8\Basics\JwtBasedClientAuthentication\README.md" />
     <Project Path="IdentityServer/v8/Basics/JwtBasedClientAuthentication/JwtBasedClientAuthentication.AppHost/JwtBasedClientAuthentication.AppHost.csproj" />
   </Folder>
   <Folder Name="/IdentityServer/v8/Basics/MvcBackChannelLogout/">
+    <File Path="IdentityServer\v8\Basics\MvcBackChannelLogout\README.md" />
     <Project Path="IdentityServer/v8/Basics/MvcBackChannelLogout/MvcBackChannelLogout.AppHost/MvcBackChannelLogout.AppHost.csproj" />
     <Project Path="IdentityServer/v8/Basics/MvcBackChannelLogout/src/Client.csproj" />
   </Folder>
   <Folder Name="/IdentityServer/v8/Basics/MvcBasic/">
+    <File Path="IdentityServer\v8\Basics\MvcBasic\README.md" />
     <Project Path="IdentityServer/v8/Basics/MvcBasic/MvcBasic.AppHost/MvcBasic.AppHost.csproj" />
     <Project Path="IdentityServer/v8/Basics/MvcBasic/src/Client.csproj" />
   </Folder>
   <Folder Name="/IdentityServer/v8/Basics/MvcJarJwt/">
+    <File Path="IdentityServer\v8\Basics\MvcJarJwt\README.md" />
     <Project Path="IdentityServer/v8/Basics/MvcJarJwt/MvcJarJwt.AppHost/MvcJarJwt.AppHost.csproj" />
     <Project Path="IdentityServer/v8/Basics/MvcJarJwt/src/Client.csproj" />
   </Folder>
   <Folder Name="/IdentityServer/v8/Basics/MvcPar/">
     <Project Path="IdentityServer/v8/Basics/MvcPar/src/Client.csproj" />
+    <File Path="IdentityServer\v8\Basics\MvcPar\README.md" />
     <Project Path="IdentityServer/v8/Basics/MvcPar/MvcPar.AppHost/MvcPar.AppHost.csproj" />
   </Folder>
   <Folder Name="/IdentityServer/v8/Basics/MvcTokenManagement/">
     <Project Path="IdentityServer/v8/Basics/MvcTokenManagement/src/Client.csproj" />
+    <File Path="IdentityServer\v8\Basics\MvcTokenManagement\README.md" />
     <Project Path="IdentityServer/v8/Basics/MvcTokenManagement/MvcTokenManagement.AppHost/MvcTokenManagement.AppHost.csproj" />
   </Folder>
   <Folder Name="/IdentityServer/v8/Configuration/" />