Category Azure

Create conditional access base policies for a Microsoft Entra ID tenant

This article shows some of the base conditional access policies which can be implemented for all Microsoft Entra ID tenants. Phishing-resistant authentication should be required for all administration flows and some other user policies like sign-in risk MFA or terms of conditions. I recommend these base policies when implementing a Microsoft Entra ID tenant […]

Multi client blob storage access using ASP.NET Core with Entra ID authentication and RBAC

This article shows how to onboard different clients or organizations in an ASP.NET Core application to use separated Azure blob containers with controlled access using security groups and RBAC applied roles. Each user in a client group can only access a single blob storage and has no access to blob containers belonging to different clients. […]

Using Blob storage from ASP.NET Core with Entra ID authentication

This article shows how to implement a secure upload and a secure download in ASP.NET Core using Azure blob storage. The application uses Microsoft Entra ID for authentication and also for access to the Azure Blob storage container. Code: https://github.com/damienbod/AspNetCoreEntraIdBlobStorage Blogs in this series Security architecture The application is set up to store the file uploads […]

Secure an ASP.NET Core Blazor Web app using Microsoft Entra ID

This article shows how to implement an ASP.NET Core Blazor Web application using Microsoft Entra ID for authentication. Microsoft.Identity.Web is used to implement the Microsoft Entra ID OpenID Connect client. Code: https://github.com/damienbod/Hostedblazor8MeID Note: I based this implementation on the example provided by Tomás López Rodríguez and adapted it. Setup The Blazor Web application is an […]

Securing a MudBlazor UI web application using security headers and Microsoft Entra ID

This article shows how a Blazor application can be implemented in a secure way using MudBlazor UI components and Microsoft Entra ID as an identity provider. The MudBlazor UI components add some inline styles and require a specific CSP setup due to this and the Blazor WASM script requirements. Code: https://github.com/damienbod/MicrosoftEntraIDMudBlazor Setup The application is […]

Fix missing tokens when using downstream APIs and Microsoft Identity in ASP.NET Core

This article shows how a secure ASP.NET Core application can use Microsoft Entra ID downstream APIs and an in-memory cache. When using an in-memory cache and after restarting an application, the tokens are missing for a valid session stored in the cookie. The application needs to recover. Code: https://github.com/damienbod/bff-aspnetcore-angular OpenID Connect client setup The ASP.NET Core […]

Implement a secure web application using Vue.js and an ASP.NET Core server

This article shows how to implement a secure web application using Vue.js and ASP.NET Core. The web application implements the backend for frontend security architecture (BFF) and deploys both technical stack distributions as one web application. HTTP only secure cookies are used to persist the session. Microsoft Entra ID is used as the identity provider […]

Implement a secure web application using nx Standalone Angular and an ASP.NET Core server

This article shows how to implement a secure web application using Angular and ASP.NET Core. The web application implements the backend for frontend security architecture (BFF) and deploys both technical stack distributions as one web application. HTTP only secure cookies are used to persist the session. Microsoft Entra ID is used as the identity provider […]

Use multiple Microsoft Entra Verified ID credentials in a verification presentation

This post shows how a Microsoft Entra ID verified employee credential can be used together with a self attestation credential to unlock a door. Using this, a person can prove they know a code and prove their employee status. Code: https://github.com/swiss-ssi-group/EntraEmployeeUnlockDoor Get your Verified Employee credential To use this app, the Microsoft Entra employee credential […]

ASP.NET Core Logging using Serilog and Azure

This article shows how to implement logging in an ASP.NET Core application using Serilog and Azure as a hosting environment. Code: https://github.com/damienbod/aspnetcore-azure-logging History Priority logging use cases Two types of default logging use cases need to be supported in most software solutions. The application requires near real time logs which can be easily viewed and […]