Monthly Archives: January 2023
Basic Authentication in ASP.NET Core
This article shows how basic authentication could be implemented in an ASP.NET Core application. This is not the recommended way to implement security for user flows, as the password is always sent with each request, but the flow is sometimes required to implement a standard or you sometimes need to support one side of an […]

Implementing secure Microsoft Graph application clients in ASP.NET Core
The article looks at the different ways a Microsoft Graph application client can be implemented and secured in an ASP.NET Core application or a .NET application. This type of client is intended for applications or application logic where no user is involved. Code: https://github.com/damienbod/MicrosoftGraphAppToAppSecurity Accessing Microsoft Graph can be initialized for app-to-app (application permissions) security […]

Implement the OAUTH 2.0 Token Exchange delegated flow between an Azure AD API and an API protected using OpenIddict
This article shows how to implement the OAUTH 2.0 Token Exchange RFC 8693 delegated flow between two APIs, one using Azure AD to authorize the HTTP requests and a second API protected using OpenIddict. The Azure AD protected API uses the OAUTH 2.0 Token Exchange RFC 8693 delegated flow to get a new OpenIddict delegated […]

Azure AD Multi tenant Azure App registration consent
This article looks at Azure Active Directory and consent with multi-tenant Azure App registrations. Consent works differently depending on the user type, the tenant policies and the required permissions. It is sometimes hard to understand why a user cannot log in or where the consent has to be given for a specific Azure App registration which […]