Category Microsoft Entra ID

Use FIDO2 passwordless authentication with Azure AD

January 17, 2022 · by · in Azure, Microsoft Entra ID · 3 Comments

This article shows how to implement FIDO2 passwordless authentication with Azure AD for users in an Azure tenant. FIDO2 provides one of the best user authentication methods and is a more secure authentication compared with other account authentication implementations such authenticator apps, SMS, email, password alone or SSI authentication. FIDO2 authentication protects against phishing. To […]

Use calendar, mailbox settings and Teams presence in ASP.NET Core hosted Blazor WASM with Microsoft Graph

December 20, 2021 · by · in .NET, .NET Core, ASP.NET Core, Azure, Microsoft Entra External ID, Microsoft Entra ID · 7 Comments

This article shows how to use Microsoft Graph with delegated permissions in a Blazor WASM ASP.NET Core hosted application. The application uses Microsoft.Identity.Web and the BFF architecture to authenticate against Azure AD. All security logic is implemented in the trusted backend. Microsoft Graph is used to access mailbox settings, teams presence and a users calendar. […]

Blazor WASM hosted in ASP.NET Core templates with Azure B2C and Azure AD authentication using Backend for Frontend (BFF)

December 6, 2021 · by · in .NET, App Service, Azure, dotnet, Microsoft Entra External ID, Microsoft Entra ID · 12 Comments

I have implemented many Blazor WASM ASP.NET Core hosted applications now for both Azure AD and Azure B2C authentication. I always implement security for this type of application now using the Backend for Frontend (BFF) security architecture and can remove the tokens from the client. This is also what I recommend. At present, no Microsoft […]

Implement certificate authentication in ASP.NET Core for an Azure B2C API connector

November 22, 2021 · by · in .NET, .NET Core, App Service, ASP.NET Core, Azure, dotnet, Microsoft Entra External ID, Microsoft Entra ID · 4 Comments

This article shows how an ASP.NET Core API can be setup to require certificates for authentication. The API is used to implement an Azure B2C API connector service. The API connector client uses a certificate to request profile data from the Azure App Service API implementation, which is validated using the certificate thumbprint. Code: https://github.com/damienbod/AspNetCoreB2cExtraClaims […]

Securing ASP.NET Core Razor Pages, Web APIs with Azure B2C external and Azure AD internal identities

July 26, 2021 · by · in .NET, .NET Core, ASP.NET Core, Azure, Microsoft Entra External ID, Microsoft Entra ID, OAuth2, Security · 6 Comments

This article shows how to implement an ASP.NET Core Razor page to authenticate against Azure B2C and use Web APIs from a second ASP.NET Core application which are also protected using Azure B2C App registrations. Azure B2C uses the signin, signup user flow and allows identities to authenticate using an Azure AD single tenant. Two […]

Securing Azure Functions using ME-ID JWT Bearer token authentication for user access tokens

September 24, 2020 · by · in .NET Core, App Service, ASP.NET Core, Azure, Azure functions, Microsoft Entra ID, OAuth2, Security · 10 Comments

This post shows how to implement OAuth security for an Azure Function using user-access JWT Bearer tokens created using Microsoft Entra ID and App registrations. A client web application implemented in ASP.NET Core is used to authenticate and the access token created for the identity is used to access the API implemented using Azure Functions. […]

Newer posts