Category Azure

Implementing authorization in Blazor ASP.NET Core applications using Azure AD security groups

February 21, 2022 · by · in .NET Core, ASP.NET Core, Azure, Microsoft Entra ID, OAuth2, Security · 4 Comments

This article shows how to implement authorization in an ASP.NET Core Blazor application using Azure AD security groups as the data source for the authorization definitions. Policies and claims are used in the application which decouples the descriptions from the Azure AD security groups and the application specific authorization requirements. With this setup, it is […]

Using Blazor with a YARP downstream API protected using certificate authentication

February 7, 2022 · by · in .NET, .NET Core, App Service, ASP.NET Core · 4 Comments

This article shows how to use a downstream API protected with certificate authentication using Microsoft YARP reverse proxy from a Blazor application. The Blazor WASM HTTP requests are sent to a secured backend which uses YARP to forward the requests to the API protected with the certificate authentication. The Blazor application authenticates using the OpenIddict […]

Implement a PWA using Blazor with BFF security and Azure B2C

January 31, 2022 · by · in .NET Core, App Service, ASP.NET Core, Azure, Microsoft Entra External ID, Microsoft Entra ID, OAuth2, Security · 4 Comments

The article shows how to implement a progressive web application (PWA) using Blazor which is secured using the backend for frontend architecture and Azure B2C as the identity provider. Code https://github.com/damienbod/PwaBlazorBffAzureB2C Setup and challenges with PWAs The application is setup to implement all security in the trusted backend and reduce the security risks of the […]

Use FIDO2 passwordless authentication with Azure AD

January 17, 2022 · by · in Azure, Microsoft Entra ID · 3 Comments

This article shows how to implement FIDO2 passwordless authentication with Azure AD for users in an Azure tenant. FIDO2 provides one of the best user authentication methods and is a more secure authentication compared with other account authentication implementations such authenticator apps, SMS, email, password alone or SSI authentication. FIDO2 authentication protects against phishing. To […]

Use calendar, mailbox settings and Teams presence in ASP.NET Core hosted Blazor WASM with Microsoft Graph

December 20, 2021 · by · in .NET, .NET Core, ASP.NET Core, Azure, Microsoft Entra External ID, Microsoft Entra ID · 7 Comments

This article shows how to use Microsoft Graph with delegated permissions in a Blazor WASM ASP.NET Core hosted application. The application uses Microsoft.Identity.Web and the BFF architecture to authenticate against Azure AD. All security logic is implemented in the trusted backend. Microsoft Graph is used to access mailbox settings, teams presence and a users calendar. […]

Blazor WASM hosted in ASP.NET Core templates with Azure B2C and Azure AD authentication using Backend for Frontend (BFF)

December 6, 2021 · by · in .NET, App Service, Azure, dotnet, Microsoft Entra External ID, Microsoft Entra ID · 12 Comments

I have implemented many Blazor WASM ASP.NET Core hosted applications now for both Azure AD and Azure B2C authentication. I always implement security for this type of application now using the Backend for Frontend (BFF) security architecture and can remove the tokens from the client. This is also what I recommend. At present, no Microsoft […]

Implement certificate authentication in ASP.NET Core for an Azure B2C API connector

November 22, 2021 · by · in .NET, .NET Core, App Service, ASP.NET Core, Azure, dotnet, Microsoft Entra External ID, Microsoft Entra ID · 4 Comments

This article shows how an ASP.NET Core API can be setup to require certificates for authentication. The API is used to implement an Azure B2C API connector service. The API connector client uses a certificate to request profile data from the Azure App Service API implementation, which is validated using the certificate thumbprint. Code: https://github.com/damienbod/AspNetCoreB2cExtraClaims […]

Add extra claims to an Azure B2C user flow using API connectors and ASP.NET Core

November 15, 2021 · by · in .NET, .NET Core, ASP.NET Core, Azure, Microsoft Entra External ID, OAuth2, Security · 9 Comments

This post shows how to implement an ASP.NET Core Razor Page application which authenticates using Azure B2C and uses custom claims implemented using the Azure B2C API connector. The claims provider is implemented using an ASP.NET Core API application and the Azure API connector requests the data from this API. The Azure API connector adds […]

Implement a secure API and a Blazor app in the same ASP.NET Core project with Azure AD authentication

October 4, 2021 · by · in .NET Core, ASP.NET Core, Azure · 5 Comments

The article shows how an ASP.NET Core API and a Blazor BBF application can be implemented in the same project and secured using Azure AD with Microsoft.Identity.Web. The Blazor application is secured using the BFF pattern with its backend APIs protected using cookies with anti-forgery protection and same site. The API is protected using JWT […]

Using Azure security groups in ASP.NET Core with an Azure B2C Identity Provider

September 6, 2021 · by · in .NET, .NET Core, ASP.NET Core, Microsoft Entra External ID · 5 Comments

This article shows how to implement authorization in an ASP.NET Core application which uses Azure security groups for the user definitions and Azure B2C to authenticate. Microsoft Graph API is used to access the Azure group definitions for the signed in user. The client credentials flow is used to authorize the Graph API client with […]

Older posts Newer posts