Category Microsoft Entra ID

Force MFA in Blazor using Azure AD and Continuous Access

June 13, 2022 · by · in .NET, .NET Core, ASP.NET Core, Azure, Microsoft Entra External ID, Microsoft Entra ID, Uncategorized · 4 Comments

This article shows how to force MFA from your application using Azure AD and a continuous access auth context. When producing software which can be deployed to multiple tenants, instead of hoping IT admins configure this correctly in their tenants, you can now force this from the application. Many tenants do not force MFA. Code: […]

Implement Azure AD Continuous Access (CA) standalone with Blazor ASP.NET Core

May 30, 2022 · by · in .NET Core, ASP.NET Core, Azure, Microsoft Entra External ID, Microsoft Entra ID, Uncategorized · 1 Comment

This post shows how to force an Azure AD policy using Azure AD Continuous Access (CA) in an ASP.NET Core Blazor application. An authentication context is used to require MFA. The “acrs” claim in the id_token is used to validate whether or not an Azure AD CAE policy has been fulfilled. If the claim is […]

Implement Azure AD Continuous Access (CA) step up with ASP.NET Core Blazor using a Web API

May 23, 2022 · by · in .NET, .NET Core, ASP.NET Core, Azure, Microsoft Entra External ID, Microsoft Entra ID · 2 Comments

This article shows how to implement Azure AD Continuous Access (CA) in a Blazor application which uses a Web API. The API requires an Azure AD conditional access authentication context. In the example code, MFA is required to use the external API. If a user requests data from the API using the required access token […]

Using multiple Azure B2C user flows from ASP.NET Core

May 16, 2022 · by · in .NET, .NET Core, ASP.NET Core, Azure, Microsoft Entra External ID, Microsoft Entra ID, OAuth2, Security · 5 Comments

This article shows how to use multiple Azure B2C user flows from a single ASP.NET Core application. Microsoft.Identity.Web is used to implement the authentication in the client. This is not so easy to implement with multiple schemes as the user flow policy is used in most client URLs and the Microsoft.Identity.Web package overrides an lot […]

Implement Azure AD Continuous Access in an ASP.NET Core Razor Page app using a Web API

April 20, 2022 · by · in .NET, .NET Core, ASP.NET Core, Azure, Microsoft Entra ID, MVC, Web · 6 Comments

This article shows how Azure AD continuous access (CA) can be used in an ASP.NET Core UI application to force MFA when using an administrator API from a separate ASP.NET Core application. Both applications are secured using Microsoft.Identity.Web. An ASP.NET Core Razor Page application is used to implement the UI application. The API is implemented […]

Implementing OAuth2 APP to APP security using Azure AD from a Web APP

March 28, 2022 · by · in .NET Core, ASP.NET Core, Azure, Microsoft Entra External ID, Microsoft Entra ID, OAuth2, Security · 5 Comments

This article shows how to implement an API service and client in separate ASP.NET Core applications which are secured using Azure application permissions implemented in an Azure App registration. The OAuth client credentials flow is used to get an access token to access the API. Microsoft.Identity.Web is used to implement the client credentials (CC) flow. […]

Onboarding new users in an ASP.NET Core application using Azure B2C

March 24, 2022 · by · in .NET Core, ASP.NET Core, Azure, Microsoft Entra External ID, Microsoft Entra ID · 2 Comments

This article shows how to onboard new users into your ASP.NET Core application using Azure B2C as the identity provider and the account management. The software has application specific persisted user data and this user data needs to be connected to the identity data from the corresponding user in Azure B2C. Code: https://github.com/damienbod/azureb2c-fed-microsoft-entra-id History 2024-01-02 […]

Transforming identity claims in ASP.NET Core and Cache

March 16, 2022 · by · in .NET, ASP.NET Core, Azure, dotnet, Microsoft Entra External ID, Microsoft Entra ID, OAuth2, Security · 5 Comments

The article shows how to add extra identity claims to an ASP.NET Core application which authenticates using the Microsoft.Identity.Web client library and Azure AD B2C or Azure AD as the identity provider (IDP). This could easily be switched to OpenID Connect and use any IDP which supports OpenID Connect. The extra claims are added after […]

Implementing authorization in Blazor ASP.NET Core applications using Azure AD security groups

February 21, 2022 · by · in .NET Core, ASP.NET Core, Azure, Microsoft Entra ID, OAuth2, Security · 4 Comments

This article shows how to implement authorization in an ASP.NET Core Blazor application using Azure AD security groups as the data source for the authorization definitions. Policies and claims are used in the application which decouples the descriptions from the Azure AD security groups and the application specific authorization requirements. With this setup, it is […]

Implement a PWA using Blazor with BFF security and Azure B2C

January 31, 2022 · by · in .NET Core, App Service, ASP.NET Core, Azure, Microsoft Entra External ID, Microsoft Entra ID, OAuth2, Security · 4 Comments

The article shows how to implement a progressive web application (PWA) using Blazor which is secured using the backend for frontend architecture and Azure B2C as the identity provider. Code https://github.com/damienbod/PwaBlazorBffAzureB2C Setup and challenges with PWAs The application is setup to implement all security in the trusted backend and reduce the security risks of the […]

Older posts Newer posts