Monthly Archives: May 2023

ASP.NET Core authentication using Microsoft Entra External ID for customers (CIAM)

May 30, 2023 · by · in ASP.NET Core, Azure, Azure AD, Entra CIAM · 4 Comments

This article looks at implementing an ASP.NET Core application which authenticates using Microsoft Entra External ID for customers (CIAM). The ASP.NET Core authentication is implemented using the Microsoft.Identity.Web Nuget package. The client implements the OpenID Connect code flow with PKCE and a confidential client. Code: https://github.com/damienbod/EntraExternalIdCiam Posts in this series Microsoft Entra External ID for […]

Blazor and CSP

May 22, 2023 · by · in .NET, ASP.NET Core, .NET Core, Azure, Azure AD · 5 Comments

This post looks at the a recent fix for Blazor which I think is of massive importance. You can now develop with Blazor in Visual Studio (Preview) using a strong CSP. Code: https://github.com/damienbod/Hostedblazor8Aad When developing applications, the development environment should be as close as possible to the target production deployment. As a rule, the more […]

Use Azure PIM with groups in ASP.NET Core

May 15, 2023 · by · in .NET, .NET Core, ASP.NET Core, Azure, Azure AD · 3 Comments

This article shows how to implement Azure Privileged Identity Management access in an ASP.NET Core application using an Azure security group. An Azure Conditional Access Authentication context is used for the Azure administrator giving access to the group for Azure AD users. The Authentication context is setup to require a phishing resistant authentication. An Enterprise application […]

Trust phishing resistant MFA for cross tenant users

May 8, 2023 · by · in .NET Core, ASP.NET Core, OAuth2, Security, Web · 3 Comments

This article shows how to force phishing resistant authentication for external B2B users using a cross tenant trust. The external users are from a separate tenant and the local tenant needs to trust the multiple factor authentication (MFA) from the other known tenants. This prevents the user having to authenticate again and setup more MFA. […]

Application security context models

May 1, 2023 · by · in Azure, OAuth2, Security, Self Sovereign Identity · 4 Comments

This article looks at a new concept for creating application security context models for modern solutions using best practice security. By using security context models in projects, a qualitative and secure authentication solution can be produced quicker and more efficient. At present, too many solution architects try to patch the security architecture after the application […]