Monthly Archives: January 2021

Implement OAUTH Device Code Flow with Azure AD and ASP.NET Core

January 28, 2021 · by · in .NET, ASP.NET Core, Azure, MVC, OAuth2, Security, Web · 2 Comments

The post shows how the Device Code flow (RFC 8628) could be implemented in an ASP.NET Core web application which uses Azure AD as an identity provider. An Azure App registration is used to setup the client. This solution would be useful for input constrained devices which have a browser and need to authenticate identities. […]

Using ASP.NET Core Controllers and Razor Pages from a separate shared project or assembly

January 18, 2021 · by · in .NET, .NET Core, ASP.NET Core · 4 Comments

This post shows how to use shared projects or shared assemblies for ASP.NET Core API Controllers or ASP.NET Core Razor Pages. Sometimes shared logic for different ASP.NET Web API or Web App projects can be implemented in a shared project. The shared project controllers, Razor Pages, services can be referenced and used in the host […]

Protecting legacy APIs with an ASP.NET Core Yarp reverse proxy and Azure AD OAuth

January 11, 2021 · by · in .NET, ASP.NET Core, ASPNET5, Azure, OAuth2, Security · 2 Comments

This article shows how a legacy API could be protected using an ASP.NET Core Yarp reverse proxy and Azure AD OAuth. The security is implemented using Azure AD and Microsoft.Identity.Web. Sometimes it is not possible to update an existing or old API within a reasonable price and the financially best way to use it in […]

Azure AD Access Token Lifetime Policy Management in ASP.NET Core

January 5, 2021 · by · in .NET Core, ASP.NET Core, Azure · 3 Comments

This article shows how the lifespan of access tokens can be set and managed in Azure AD using ASP.NET Core Razor pages with Microsoft Graph API and token lifetime policies. A TokenLifetimePolicy can be created for the whole tenant or used for specific Azure App Registrations. Code: Azure AD Token Management Posts in this series […]