Monthly Archives: April 2018

OAuth using OIDC Authentication with PKCE for a .NET Core Console Native Application

April 25, 2018 · by · in .NET Core, ASP.NET Core, dotnet, OAuth2, Security · 5 Comments

This article shows how to use a .NET Core console application securely with an API using the RFC 7636 specification. The app logs into IdentityServer4 using the OIDC authorization code flow with a PKCE (Proof Key for Code Exchange). The app can then use the access token to consume data from a secure API. This […]

ASP.NET Core Authorization for Windows, Local accounts

April 19, 2018 · by · in .NET, .NET Core, ASP.NET Core, ASPNET5, OAuth2, Security · 4 Comments

This article shows how authorization could be implemented for an ASP.NET Core MVC application. The authorization logic is extracted into a separate project, which is required by some certification software requirements. This could also be deployed as a separate service. Code: https://github.com/damienbod/AspNetCoreWindowsAuth Blogs in this series: Supporting both Local and Windows Authentication in ASP.NET Core […]

Supporting both Local and Windows Authentication in ASP.NET Core MVC using IdentityServer4

April 15, 2018 · by · in .NET Core, ASP.NET Core, ASPNET5, dotnet, MVC, OAuth2, Security, Web · 14 Comments

This article shows how to setup an ASP.NET Core MVC application to support both users who can login in with a local login account, solution specific, or use a windows authentication login. The identity created from the windows authentication could then be allowed to do different tasks, for example administration, or a user from the […]