Clik here to view.
Issue Employee verifiable credentials using Entra Verified ID and ASP.NET Core
This article shows how to implement verifiable credentials using Microsoft Entra Verified ID and ASP.NET Core to issue the employee credentials. This solution uses a self sovereign identity (SSI)...
View ArticleClik here to view.
Use a Microsoft Entra Verified ID Employee credential to view paycheck data
This post shows how a Microsoft Entra Verified ID employee credential can be used to access user specific data. This demo shows possible paycheck data from Switzerland. A payment ID can be the printed...
View ArticleClik here to view.
Securing APIs using ASP.NET Core and OAuth 2.0 DPoP
This article shows how an ASP.NET Core application can access an ASP.NET Core API using OAuth Demonstrating Proof-of-Possession (DPoP). This is a really powerful security enhancement which is...
View ArticleClik here to view.
ASP.NET Core Logging using Serilog and Azure
This article shows how to implement logging in an ASP.NET Core application using Serilog and Azure as a hosting environment. Code: https://github.com/damienbod/aspnetcore-azure-logging Priority...
View ArticleClik here to view.
Use multiple Microsoft Entra Verified ID credentials in a verification...
This post shows how a Microsoft Entra ID verified employee credential can be used together with a self attestation credential to unlock a door. Using this, a person can prove they know a code and...
View ArticleClik here to view.
Implement a secure web application using nx Standalone Angular and an ASP.NET...
This article shows how to implement a secure web application using Angular and ASP.NET Core. The web application implements the backend for frontend security architecture (BFF) and deploys both...
View ArticleClik here to view.
Secure Angular application using Auth0 and ASP.NET Core with BFF
The article shows how an Angular nx Standalone UI hosted in an ASP.NET Core application can be secured using cookies. Auth0 is used as the identity provider. The trusted application is protected using...
View ArticleClik here to view.
Secure Angular application using OpenIddict and ASP.NET Core with BFF
The article shows how an Angular nx Standalone UI hosted in an ASP.NET Core application can be secured using cookies. OpenIddict is used as the identity provider. The trusted application is protected...
View ArticleClik here to view.
Implement a secure web application using Vue.js and an ASP.NET Core server
This article shows how to implement a secure web application using Vue.js and ASP.NET Core. The web application implements the backend for frontend security architecture (BFF) and deploys both...
View ArticleClik here to view.
Issue and verify BBS+ verifiable credentials using ASP.NET Core and trinsic.id
This article shows how to implement identity verification in a solution using ASP.NET Core and trinsic.id, built using an id-tech solution based on self sovereign identity principals. The credential...
View ArticleClik here to view.
Fix missing tokens when using downstream APIs and Microsoft Identity in...
This article shows how a secure ASP.NET Core application can use Microsoft Entra ID downstream APIs and an in-memory cache. When using in-memory cache and after restarting an application, the tokens...
View ArticleClik here to view.
Secure an Angular application using Microsoft Entra External ID and ASP.NET...
This article looks at implementing an ASP.NET Core application hosting an Angular nx application which authenticates using Microsoft Entra External ID for customers (CIAM). The ASP.NET Core...
View ArticleUsing a strong nonce based CSP with Angular
This article shows how to use a strong nonce based CSP with Angular for scripts and styles. When using a nonce, the overall security can be increased and it is harder to do XSS attacks or other type...
View ArticleClik here to view.
Authentication with multiple identity providers in ASP.NET Core
This article shows how to implement authentication in ASP.NET Core using multiple identity providers or secure token servers. When using multiple identity providers, the authentication flows need to...
View ArticleClik here to view.
Improve ASP.NET Core authentication using OAuth PAR and OpenID Connect
This article shows how an ASP.NET Core application can be authenticated using OpenID Connect and OAuth 2.0 Pushed Authorization Requests (PAR) RFC 9126. The OpenID Connect server is implemented using...
View ArticleClik here to view.
Securing a MudBlazor UI web application using security headers and Microsoft...
This article shows how a Blazor application can be implemented in a secure way using MudBlazor UI components and Microsoft Entra ID as an identity provider. The MudBlazor UI components adds some...
View ArticleClik here to view.
Signing git commits on Windows and using with Github
This article shows how to setup and sign git commits on Windows for Github. Most of this is already documented on the Github docs, but I ran into trouble when using this with git Extensions on a...
View ArticleClik here to view.
Securing a Blazor Server application using OpenID Connect and security headers
This article shows how to secure a Blazor Server application. The application implements an OpenID Connect confidential client with PKCE using .NET 8 and configures the security headers as best...
View ArticleClik here to view.
Migrate ASP.NET Core Blazor Server to Blazor Web
This article shows how to migrate a Blazor server application to a Blazor Web application. The migration used the ASP.NET Core migration documentation, but this was not complete and a few extra steps...
View ArticleClik here to view.
Secure an ASP.NET Core Blazor Web app using Microsoft Entra ID
This article shows how to implement an ASP.NET Core Blazor Web application using Microsoft Entra ID for authentication. Microsoft.Identity.Web is used to implement the Microsoft Entra ID OpenID...
View Article