Monthly Archives: September 2022

ASP.NET Core Api Auth with multiple Identity Providers

September 19, 2022 · by · in .NET, .NET Core, ASP.NET Core, Azure, OAuth2, Security · 7 Comments

This article shows how an ASP.NET Core API can be secured using multiple access tokens from different identity providers. ASP.NET Core schemes and policies can be used to set this up. Code: https://github.com/damienbod/AspNetCoreApiAuthMultiIdentityProvider History 2023-04-29 Updated packages and revert to default JWT authorization packages due to errors on update. The ASP.NET Core API has a […]

Setup application client in Azure App Registration with App roles to use a web API

September 12, 2022 · by · in .NET Core, App Service, ASP.NET Core, Azure, Microsoft Entra ID · 2 Comments

In Azure AD, a client application with no user (daemon client) which uses an access token to access an API protected with Microsoft Identity needs to use an Azure API Registration with App Roles. Scopes are used for delegated flows (with a User and a UI login). This is Azure AD specific not OAuth2. This […]

Implement a GRPC API with OpenIddict and the OAuth client credentials flow

September 5, 2022 · by · in .NET, .NET Core, ASP.NET Core · 4 Comments

This post shows how to implement a GRPC service implemented in an ASP.NET Core kestrel hosted service. The GRPC service is protected using an access token. The client application uses the OAuth2 client credentials flow with introspection and the reference token is used to get access to the GRPC service. The GRPC API uses introspection […]