Category ASP.NET Core
Reset user account passwords using Microsoft Graph and application permissions in ASP.NET Core
This article shows how to reset a password for tenant members using a Microsoft Graph application client in ASP.NET Core. An Azure App registration is used to define the application permission for the Microsoft Graph client and the User Administrator role is assigned to the Azure Enterprise application created from the Azure App registration. Code: […]
ASP.NET Core authorization using Entra External ID CIAM and Azure AD security groups
This article looks at implementing authorization in Microsoft Entra External ID for customers (CIAM) using Azure AD delegated roles. The roles can be assigned to users or groups in an Azure Enterprise application. Code: https://github.com/damienbod/EntraExternalIdCiam Blogs in this series In Azure AD it has been possible to use roles with users and groups to implement […]
ASP.NET Core authentication using Microsoft Entra External ID for customers (CIAM)
This article looks at implementing an ASP.NET Core application which authenticates using Microsoft Entra External ID for customers (CIAM). The ASP.NET Core authentication is implemented using the Microsoft.Identity.Web Nuget package. The client implements the OpenID Connect code flow with PKCE and a confidential client. Code: https://github.com/damienbod/EntraExternalIdCiam Posts in this series Microsoft Entra External ID for […]
Blazor and CSP
This post looks at the a recent fix for Blazor which I think is of massive importance. You can now develop with Blazor in Visual Studio using a strong CSP. Code: https://github.com/damienbod/Hostedblazor8Aad History When developing applications, the development environment should be as close as possible to the target production deployment. As a rule, the more […]
Use Azure PIM with groups in ASP.NET Core
This article shows how to implement Azure Privileged Identity Management access in an ASP.NET Core application using an Azure security group. An Azure Conditional Access Authentication context is used for the Azure administrator giving access to the group for Azure AD users. The Authentication context is setup to require a phishing resistant authentication. An Enterprise application […]
Trust phishing resistant MFA for cross tenant users
This article shows how to force phishing resistant authentication for external B2B users using a cross tenant trust. The external users are from a separate tenant and the local tenant needs to trust the multiple factor authentication (MFA) from the other known tenants. This prevents the user having to authenticate again and setup more MFA. […]
Provision Azure IoT Hub devices using DPS and X.509 certificates in ASP.NET Core
This article shows how to provision Azure IoT hub devices using Azure IoT hub device provisioning services (DPS) and ASP.NET Core. The devices are setup using chained certificates created using .NET Core and managed in the web application. The data is persisted in a database using EF Core and the certificates are generated using the […]
A first look at Blazor and .NET 8
In this post, Blazor and .NET 8 is used to implement a simple website. I took a .NET 7 project, updated it to .NET 8 and tried out some of the new features in .NET 8. Code: https://github.com/damienbod/Hostedblazor8Aad Setup The project was setup using a .NET 7 project which implements an Azure AD authentication using […]
Auto sign-out using ASP.NET Core Razor Pages with Azure AD B2C
This article shows how an ASP.NET Core Razor Page application could implement an automatic sign-out when a user does not use the application for n-minutes. The application is secured using Azure AD B2C. To remove the session, the client must sign-out both on the ASP.NET Core application and the Azure AD B2C identity provider or […]
Onboarding users in ASP.NET Core using Microsoft Entra ID Temporary Access Pass and Microsoft Graph
The article looks at onboarding different Microsoft Entra ID users with a temporary access pass (TAP) and some type of passwordless authentication. An ASP.NET Core application is used to create the Microsoft Entra ID member users which can then use a TAP to setup the account. This is a great way to onboard users in […]
Software Engineering 