Monthly Archives: October 2024

Implement security headers for an ASP.NET Core API supporting OpenAPI Swagger UI

October 21, 2024 · by damienbod · in .NET, .NET Core, ASP.NET Core, Security, Web · Leave a comment

This article shows how to implement security headers for an application supporting an API and a swagger UI created from a open API in .NET 9. The security headers are implemented using the NetEscapades.AspNetCore.SecurityHeaders Nuget packages from Andrew Lock. Code: https://github.com/damienbod/WebApiOpenApi Deploying a web application which supports both an API and a UI have different […]

Microsoft Entra ID App-to-App security architecture

October 7, 2024 · by damienbod · in .NET Core, App Service, ASP.NET Core, Azure, Azure Key Vault, Microsoft Entra ID · 4 Comments

This article looks at the different setups when using App-to-App security with Microsoft Entra ID (OAuth client credentials). Microsoft Entra App registrations are used to configure the OAuth clients and resources. For each tenant, an Enterprise application is created for the client App registration when the consent is granted. The claims in the access token […]

Software Engineering

Monthly Archives: October 2024

Implement security headers for an ASP.NET Core API supporting OpenAPI Swagger UI

Categories

blogs 1 web, general

blogs 2 security

blogs 3 Azure

blogs 4 SSI DID

blogs 5a

blogs 5b

tools

web

Meta

Archives