Clik here to view.
ASP.NET Core and Angular BFF using a YARP downstream API protected using...
This article demonstrates how to implement a downstream API protected by certificate authentication using Microsoft YARP reverse proxy in an ASP.NET Core web application. The application uses Angular...
View ArticleClik here to view.
ASP.NET Core BFF using OpenID Connect and Vue.js
This article shows how to implement a secure web application using Vue.js and ASP.NET Core. The web application implements the backend for frontend security architecture (BFF) and deploys both...
View ArticleClik here to view.
Using ASP.NET Core with Azure Key Vault
This article looks at setting up an ASP.NET Core application to use Azure Key Vault. When deployed to Azure, it works like in the Azure documentation but when working on development PCs, some changes...
View ArticleClik here to view.
Using Entra External ID with an Auth0 OpenID Connect identity provider
This post looks at implementing an Open ID Connect identity provider in Microsoft Entra External ID. Auth0 is used as the identity provider and an ASP.NET Core application is used to test the...
View ArticleClik here to view.
ASP.NET Core user delegated access token management
The article looks at managing user delegated access tokens for a downstream API in an ASP.NET Core web application. There are many ways of implementing this, all with advantages and disadvantages. The...
View ArticleClik here to view.
ASP.NET Core user application access token management
This article looks at management application access tokens in an ASP.NET Core web application. Any application with or without a user can use application access tokens as long as the application can...
View ArticleClik here to view.
Multiple client sign-in customizations using Duende identity provider
This post looks at customizing the sign-in UI and the sign-in options in an ASP.NET Core application using Duende IdentityServer and ASP.NET Core Identity. There are multiple ways of changing the look...
View ArticleClik here to view.
ASP.NET Core delegated OAuth Token Exchange access token management
This blog shows how to implement a delegated OAuth 2.0 Token Exchange RFC 8693 flow in ASP.NET Core, and has a focus on access token management. It looks at how the OAuth Token Exchange can be...
View ArticleClik here to view.
Customizing a single client sign-in using parameters in Duende IdentityServer
This post looks at customizing the sign-in UI and the sign-in options in an ASP.NET Core application using Duende IdentityServer and ASP.NET Core Identity. There are multiple ways of changing the look...
View ArticleClik here to view.
Use client assertions in OpenID Connect and ASP.NET Core
Client assertions is a method of client authentication which can be used in OpenID Connect. This provides an alternative to client secrets. This approach enhances security by using signed tokens...
View ArticleClik here to view.
Implement Phone verification, 2FA using ASP.NET Core Identity
This post shows how to implement phone (SMS) verification and two-factor authentication (2FA) using ASP.NET Core Identity. The solution integrates phone-based verification and 2FA mechanisms. The...
View ArticleClik here to view.
ASP.NET Core delegated Microsoft OBO access token management (Entra only)
This blog shows how to implement a delegated Microsoft On-Behalf-Of flow in ASP.NET Core, and has a focus on access token management. The solution uses Microsoft.Identity.Web to implement the...
View ArticleClik here to view.
Implement client assertions for OAuth client credential flows in ASP.NET Core
This blog implements client assertions using an OAuth client credential flow in ASP.NET Core. Client assertions provide a secure way for client authentication without sharing a secret, enhancing the...
View ArticleClik here to view.
Implement client assertions with client credentials flow using OAuth DPoP
This blog looks at implementing client assertions for the client credentials flow using OAuth 2.0 Demonstration of Proof-of-Possession (DPoP). The client credentials flow is an OAuth 2.0 authorization...
View ArticleClik here to view.
Using multiple external identity providers from ASP.NET Core Identity and...
This blog post shows how an ASP.NET Core Identity application can integrate and implement multiple external identity providers. An OIDC client UI uses the solution and is implemented using Duende...
View ArticleClik here to view.
Revisiting using a Content Security Policy (CSP) nonce in Blazor
This blog looks at implementing a strong Content Security Policy (CSP) in web applications implemented using Blazor and ASP.NET Core. When implementing CSP, I always recommend using a CSP nonce or at...
View ArticleClik here to view.
Handling OpenID Connect error events in ASP.NET Core
ASP.NET Core provides great extension points for handling OpenID Connect error events. This blog looks at implementing error handling in an ASP.NET Core application implemented using ASP.NET Core...
View ArticleClik here to view.
Experimental alternative flow for OAuth First-Party Applications
This post looks at an alternative way of implementing a native app authentication and authorization. At present, a web browser is used to implement authentication of native applications when using...
View Article