DuendeSoftware · RolandGuijt · Oct 23, 2024 · Oct 23, 2024 · Oct 23, 2024
diff --git a/FOSS/content/AccessTokenManagement/Advanced/DPoP.md b/FOSS/content/AccessTokenManagement/Advanced/DPoP.md
@@ -1,5 +1,5 @@
 +++
-title = "DPop"
+title = "DPoP"
 weight = 40
 chapter = false
 +++

diff --git a/FOSS/content/AccessTokenManagement/Advanced/_index.md b/FOSS/content/AccessTokenManagement/Advanced/_index.md
@@ -6,3 +6,7 @@ chapter = true
 
 Advanced
 ========
+
+The following topics are available in this advanced section:
+
+{{%children style="h4" /%}}
diff --git a/FOSS/content/AccessTokenManagement/_index.md b/FOSS/content/AccessTokenManagement/_index.md
@@ -4,7 +4,7 @@ weight = 10
 chapter = true
 +++
 
-AccessTokenManagement
+Duende.AccessTokenManagement
 ========
 
 This library provides automatic access token management features for .NET worker and ASP.NET Core web applications:
@@ -13,3 +13,6 @@ This library provides automatic access token management features for .NET worker
 * automatic access token lifetime management using a refresh token for API calls on-behalf of the currently logged-in user
 * revocation of access tokens
 
+The following tutorials are available:
+
+{{%children style="h4" /%}}
diff --git a/FOSS/content/IdentityModel.OidcClient/_index.md b/FOSS/content/IdentityModel.OidcClient/_index.md
@@ -20,4 +20,8 @@ Framework 4.6.2 or later.
 You can use OidcClient to build:
 - Android and iPhone apps with .NET MAUI
 - Windows Desktop Applications with WPF or WinForms
-- Cross Platform Console Applications 
+- Cross Platform Console Applications
+
+Please refer to the following sections for details on how to use this library:
+
+{{%children style="h4" /%}}
diff --git a/FOSS/content/IdentityModel/_index.md b/FOSS/content/IdentityModel/_index.md
@@ -4,5 +4,16 @@ weight = 20
 chapter = true
 +++
 
-IdentityModel
+Duende.IdentityModel
 ========
+
+The Duende.IdentityModel package is the base library for OIDC and OAuth 2.0 related protocol
+operations. It provides an object model to interact with the endpoints defined in the
+various OAuth and OpenId Connect specifications in the form of types to represent the
+requests and responses, extension methods to invoke requests constants defined in the
+specifications, such as standard scope, claim, and parameter names, and other convenience
+methods for performing common identity related operations.
+
+Duende.IdentityModel targets .NET Standard 2.0, making it suitable for .NET and .NET Framework.
+
+{{%children style="h4" /%}}
diff --git a/FOSS/content/IdentityModel/endpoints/_index.md b/FOSS/content/IdentityModel/endpoints/_index.md
@@ -1,100 +1,10 @@
 +++
-title = "Calling Protocol Endpoints"
+title = "Endpoints"
 weight = 10
 chapter = true
 +++
 
-Calling Protocol Endpoints
-========
+Endpoints
+=======
 
-IdentityModel contains client libraries for many interactions with
-endpoints defined in OpenID Connect and OAuth 2.0. All of these
-libraries have a common design, let\'s examine the various layers using
-the client for the token endpoint.
-
-Request and response objects
-----------------------------
-
-All protocol request are modelled as request objects and have a common
-base class called *ProtocolRequest* which has properties to set the
-endpoint address, client ID, client secret, client assertion, and the
-details of how client secrets are transmitted (e.g. authorization header
-vs POST body). *ProtocolRequest* derives from *HttpRequestMessage* and
-thus also allows setting custom headers etc.
-
-The following code snippet creates a request for a client credentials
-grant type:
-
-```cs
-var request = new ClientCredentialsTokenRequest
-{
-    Address = "https://demo.identityserver.io/connect/token",
-    ClientId = "client",
-    ClientSecret = "secret"
-};
-```
-
-While in theory you could now call *Prepare* (which internally sets the
-headers, body and address) and send the request via a plain
-*HttpClient*, typically there are more parameters with special semantics
-and encoding required. That\'s why we provide extension methods to do
-the low level work.
-
-Equally, a protocol response has a corresponding *ProtocolResponse*
-implementation that parses the status codes and response content. The
-following code snippet would parse the raw HTTP response from a token
-endpoint and turn it into a *TokenResponse* object:
-
-```cs
-var tokenResponse = await ProtocolResponse
-    .FromHttpResponseAsync<TokenResponse>(httpResponse);
-```
-
-Again these steps are automated using the extension methods. So let\'s
-have a look at an example next.
-
-Extension methods
------------------
-
-For each protocol interaction, an extension method for
-*HttpMessageInvoker* (that's the base class of *HttpClient*) exists.
-The extension methods expect a request object and return a response
-object.
-
-It is your responsibility to setup and manage the lifetime of the
-*HttpClient*, e.g. manually:
-
-```cs
-var client = new HttpClient();
-
-var response = await client.RequestClientCredentialsTokenAsync(
-    new ClientCredentialsTokenRequest
-    {
-        Address = "https://demo.identityserver.io/connect/token",
-        ClientId = "client",
-        ClientSecret = "secret"
-    });
-```
-
-You might want to use other techniques to obtain an *HttpClient*, e.g.
-via the HTTP client factory:
-
-```cs
-var client = HttpClientFactory.CreateClient("my_named_token_client");
-
-var response = await client.RequestClientCredentialsTokenAsync(
-    new ClientCredentialsTokenRequest
-    {
-        Address = "https://demo.identityserver.io/connect/token",
-        ClientId = "client",
-        ClientSecret = "secret"
-    });
-```
-
-All other endpoint client follow the same design.
-
-{{% notice note %}}
-Some client libraries also include a stateful client object (e.g.
-*TokenClient* and *IntrospectionClient*). See the corresponding section
-to find out more.
-{{% /notice %}}
+{{%children style="h4" /%}}
diff --git a/FOSS/content/IdentityModel/endpoints/general_usage.md b/FOSS/content/IdentityModel/endpoints/general_usage.md
@@ -0,0 +1,99 @@
++++
+title = "General Usage"
+weight = 10
++++
+
+General Usage
+========
+
+IdentityModel contains client libraries for many interactions with
+endpoints defined in OpenID Connect and OAuth 2.0. All of these
+libraries have a common design, let\'s examine the various layers using
+the client for the token endpoint.
+
+Request and response objects
+----------------------------
+
+All protocol request are modelled as request objects and have a common
+base class called *ProtocolRequest* which has properties to set the
+endpoint address, client ID, client secret, client assertion, and the
+details of how client secrets are transmitted (e.g. authorization header
+vs POST body). *ProtocolRequest* derives from *HttpRequestMessage* and
+thus also allows setting custom headers etc.
+
+The following code snippet creates a request for a client credentials
+grant type:
+
+```cs
+var request = new ClientCredentialsTokenRequest
+{
+    Address = "https://demo.identityserver.io/connect/token",
+    ClientId = "client",
+    ClientSecret = "secret"
+};
+```
+
+While in theory you could now call *Prepare* (which internally sets the
+headers, body and address) and send the request via a plain
+*HttpClient*, typically there are more parameters with special semantics
+and encoding required. That\'s why we provide extension methods to do
+the low level work.
+
+Equally, a protocol response has a corresponding *ProtocolResponse*
+implementation that parses the status codes and response content. The
+following code snippet would parse the raw HTTP response from a token
+endpoint and turn it into a *TokenResponse* object:
+
+```cs
+var tokenResponse = await ProtocolResponse
+    .FromHttpResponseAsync<TokenResponse>(httpResponse);
+```
+
+Again these steps are automated using the extension methods. So let\'s
+have a look at an example next.
+
+Extension methods
+-----------------
+
+For each protocol interaction, an extension method for
+*HttpMessageInvoker* (that's the base class of *HttpClient*) exists.
+The extension methods expect a request object and return a response
+object.
+
+It is your responsibility to setup and manage the lifetime of the
+*HttpClient*, e.g. manually:
+
+```cs
+var client = new HttpClient();
+
+var response = await client.RequestClientCredentialsTokenAsync(
+    new ClientCredentialsTokenRequest
+    {
+        Address = "https://demo.identityserver.io/connect/token",
+        ClientId = "client",
+        ClientSecret = "secret"
+    });
+```
+
+You might want to use other techniques to obtain an *HttpClient*, e.g.
+via the HTTP client factory:
+
+```cs
+var client = HttpClientFactory.CreateClient("my_named_token_client");
+
+var response = await client.RequestClientCredentialsTokenAsync(
+    new ClientCredentialsTokenRequest
+    {
+        Address = "https://demo.identityserver.io/connect/token",
+        ClientId = "client",
+        ClientSecret = "secret"
+    });
+```
+
+All other endpoint client follow the same design.
+
+{{% notice note %}}
+Some client libraries also include a stateful client object (e.g.
+*TokenClient* and *IntrospectionClient*). See the corresponding section
+to find out more.
+{{% /notice %}}
diff --git a/FOSS/content/_index.md b/FOSS/content/_index.md
@@ -31,7 +31,7 @@ Duende.IdentityModel targets .NET Standard 2.0, making it suitable for .NET and
 
 ## [Duende.IdentityModel.OidcClient]({{< ref "IdentityModel.OidcClient" >}})
 
-Duende.IdentityModel.OidcClient is an OpenID Connect (OIDC) client library for native
+Duende.IdentityModel.OidcClient is an OpenID Connect (OIDC) client library for mobile and native
 applications in .NET. It is a certified OIDC relying party and implements [RFC
 8252](https://datatracker.ietf.org/doc/html/rfc8252/), "OAuth 2.0 for native
 Applications". It provides types that describe OIDC requests and responses, low level