Category .NET Core

Implementing OAuth2 APP to APP security using Azure AD from a Web APP

March 28, 2022 · by · in .NET Core, ASP.NET Core, Azure, Microsoft Entra External ID, Microsoft Entra ID, OAuth2, Security · 5 Comments

This article shows how to implement an API service and client in separate ASP.NET Core applications which are secured using Azure application permissions implemented in an Azure App registration. The OAuth client credentials flow is used to get an access token to access the API. Microsoft.Identity.Web is used to implement the client credentials (CC) flow. […]

Onboarding new users in an ASP.NET Core application using Azure B2C

March 24, 2022 · by · in .NET Core, ASP.NET Core, Azure, Microsoft Entra External ID, Microsoft Entra ID · 2 Comments

This article shows how to onboard new users into your ASP.NET Core application using Azure B2C as the identity provider and the account management. The software has application specific persisted user data and this user data needs to be connected to the identity data from the corresponding user in Azure B2C. Code: https://github.com/damienbod/azureb2c-fed-microsoft-entra-id History 2024-01-02 […]

Create Azure B2C users with Microsoft Graph and ASP.NET Core

March 11, 2022 · by · in .NET Core, ASP.NET Core, Azure, Microsoft Entra External ID, OAuth2, Security · 8 Comments

This article shows how to create different types of Azure B2C users using Microsoft Graph and ASP.NET Core. The users are created using application permissions in an Azure App registration. Code: https://github.com/damienbod/azureb2c-fed-microsoft-entra-id History 2024-01-02 Updated to .NET 8, Graph SDK 5 The Microsoft.Identity.Web Nuget package is used to authenticate the administrator user that can create […]

Implementing authorization in Blazor ASP.NET Core applications using Azure AD security groups

February 21, 2022 · by · in .NET Core, ASP.NET Core, Azure, Microsoft Entra ID, OAuth2, Security · 4 Comments

This article shows how to implement authorization in an ASP.NET Core Blazor application using Azure AD security groups as the data source for the authorization definitions. Policies and claims are used in the application which decouples the descriptions from the Azure AD security groups and the application specific authorization requirements. With this setup, it is […]

Using Blazor with a YARP downstream API protected using certificate authentication

February 7, 2022 · by · in .NET, .NET Core, App Service, ASP.NET Core · 4 Comments

This article shows how to use a downstream API protected with certificate authentication using Microsoft YARP reverse proxy from a Blazor application. The Blazor WASM HTTP requests are sent to a secured backend which uses YARP to forward the requests to the API protected with the certificate authentication. The Blazor application authenticates using the OpenIddict […]

Implement a PWA using Blazor with BFF security and Azure B2C

January 31, 2022 · by · in .NET Core, App Service, ASP.NET Core, Azure, Microsoft Entra External ID, Microsoft Entra ID, OAuth2, Security · 4 Comments

The article shows how to implement a progressive web application (PWA) using Blazor which is secured using the backend for frontend architecture and Azure B2C as the identity provider. Code https://github.com/damienbod/PwaBlazorBffAzureB2C Setup and challenges with PWAs The application is setup to implement all security in the trusted backend and reduce the security risks of the […]

Secure a Blazor WASM ASP.NET Core hosted APP using BFF and OpenIddict

January 3, 2022 · by · in .NET, .NET Core, ASP.NET Core, OAuth2, Security, SQLite, Uncategorized · 4 Comments

This article shows how to implement authentication and secure a Blazor WASM application hosted in ASP.NET Core using the backend for frontend (BFF) security architecture to authenticate. All security is implemented in the backend and the Blazor WASM is a view of the ASP.NET Core application, no security is implemented in the public client. The […]

Use calendar, mailbox settings and Teams presence in ASP.NET Core hosted Blazor WASM with Microsoft Graph

December 20, 2021 · by · in .NET, .NET Core, ASP.NET Core, Azure, Microsoft Entra External ID, Microsoft Entra ID · 7 Comments

This article shows how to use Microsoft Graph with delegated permissions in a Blazor WASM ASP.NET Core hosted application. The application uses Microsoft.Identity.Web and the BFF architecture to authenticate against Azure AD. All security logic is implemented in the trusted backend. Microsoft Graph is used to access mailbox settings, teams presence and a users calendar. […]

Implement Compound Proof BBS+ verifiable credentials using ASP.NET Core and MATTR

December 13, 2021 · by · in .NET Core, ASP.NET Core, OAuth2, Security, Self Sovereign Identity · 5 Comments

This article shows how Zero Knowledge Proofs BBS+ verifiable credentials can be used to verify credential subject data from two separate verifiable credentials implemented in ASP.NET Core and MATTR. The ZKP BBS+ verifiable credentials are issued and stored on a digital wallet using a Self-Issued Identity Provider (SIOP) and OpenID Connect. A compound proof presentation […]

Implement certificate authentication in ASP.NET Core for an Azure B2C API connector

November 22, 2021 · by · in .NET, .NET Core, App Service, ASP.NET Core, Azure, dotnet, Microsoft Entra External ID, Microsoft Entra ID · 4 Comments

This article shows how an ASP.NET Core API can be setup to require certificates for authentication. The API is used to implement an Azure B2C API connector service. The API connector client uses a certificate to request profile data from the Azure App Service API implementation, which is validated using the certificate thumbprint. Code: https://github.com/damienbod/AspNetCoreB2cExtraClaims […]

Older posts Newer posts