Category .NET Core

Implement a secure web application using nx Standalone Angular and an ASP.NET Core server

September 11, 2023 · by · in .NET Core, angular, App Service, ASP.NET Core, Azure, Microsoft Entra External ID, Microsoft Entra ID · 10 Comments

This article shows how to implement a secure web application using Angular and ASP.NET Core. The web application implements the backend for frontend security architecture (BFF) and deploys both technical stack distributions as one web application. HTTP only secure cookies are used to persist the session. Microsoft Entra ID is used as the identity provider […]

Use multiple Microsoft Entra Verified ID credentials in a verification presentation

August 31, 2023 · by · in .NET, .NET Core, ASP.NET Core, dotnet, Microsoft Entra ID, OAuth2, Security, Self Sovereign Identity · 1 Comment

This post shows how a Microsoft Entra ID verified employee credential can be used together with a self attestation credential to unlock a door. Using this, a person can prove they know a code and prove their employee status. Code: https://github.com/swiss-ssi-group/EntraEmployeeUnlockDoor Get your Verified Employee credential To use this app, the Microsoft Entra employee credential […]

ASP.NET Core Logging using Serilog and Azure

August 21, 2023 · by · in .NET Core, App Service, ASP.NET Core, Azure · 10 Comments

This article shows how to implement logging in an ASP.NET Core application using Serilog and Azure as a hosting environment. Code: https://github.com/damienbod/aspnetcore-azure-logging History Priority logging use cases Two types of default logging use cases need to be supported in most software solutions. The application requires near real time logs which can be easily viewed and […]

Securing APIs using ASP.NET Core and OAuth 2.0 DPoP

August 14, 2023 · by · in .NET Core, ASP.NET Core, OAuth2 · 2 Comments

This article shows how an ASP.NET Core application can access an ASP.NET Core API using OAuth Demonstrating Proof-of-Possession (DPoP). This is a really powerful security enhancement which is relatively easy to support. The access tokens should only be used for what the access tokens are intended for. OAuth DPoP helps force this. This solution was […]

Use a Microsoft Entra Verified ID Employee credential to view paycheck data

August 7, 2023 · by · in .NET Core, ASP.NET Core, Azure, Entra CIAM, Microsoft Entra External ID, Microsoft Entra ID · 1 Comment

This post shows how a Microsoft Entra Verified ID employee credential can be used to access user specific data. This demo shows possible paycheck data from Switzerland. A payment ID can be the printed on the pay slip or the payment document could have a QR Code to scan. The user specific data can then […]

Issue Employee verifiable credentials using Entra Verified ID and ASP.NET Core

July 3, 2023 · by · in .NET, .NET Core, ASP.NET Core, Azure, Microsoft Entra ID · 5 Comments

This article shows how to implement verifiable credentials using Microsoft Entra Verified ID and ASP.NET Core to issue the employee credentials. This solution uses a self sovereign identity (SSI) based technical stack built using open standards and some of the SSI concepts. The credential can be loaded into a wallet belonging to a holder and […]

Reset passwords in ASP.NET Core using delegated permissions and Microsoft Graph

June 19, 2023 · by · in .NET, .NET Core, ASP.NET Core, Azure, Microsoft Entra ID · Leave a comment

This article shows how an administrator can reset passwords for local members of an Azure AD tenant using Microsoft Graph and delegated permissions. An ASP.NET Core application is used to implement the Azure AD client and the Graph client services. Code: https://github.com/damienbod/azuerad-reset Setup Azure App registration The Azure App registration is setup to authenticate with […]

Reset user account passwords using Microsoft Graph and application permissions in ASP.NET Core

June 12, 2023 · by · in .NET, .NET Core, ASP.NET Core, Azure, Microsoft Entra ID · 2 Comments

This article shows how to reset a password for tenant members using a Microsoft Graph application client in ASP.NET Core. An Azure App registration is used to define the application permission for the Microsoft Graph client and the User Administrator role is assigned to the Azure Enterprise application created from the Azure App registration. Code: […]

Blazor and CSP

May 22, 2023 · by · in .NET, .NET Core, ASP.NET Core, Azure, Microsoft Entra ID · 6 Comments

This post looks at the a recent fix for Blazor which I think is of massive importance. You can now develop with Blazor in Visual Studio using a strong CSP. Code: https://github.com/damienbod/Hostedblazor8Aad History When developing applications, the development environment should be as close as possible to the target production deployment. As a rule, the more […]

Use Azure PIM with groups in ASP.NET Core

May 15, 2023 · by · in .NET, .NET Core, ASP.NET Core, Azure, Microsoft Entra ID · 3 Comments

This article shows how to implement Azure Privileged Identity Management access in an ASP.NET Core application using an Azure security group. An Azure Conditional Access Authentication context is used for the Azure administrator giving access to the group for Azure AD users. The Authentication context is setup to require a phishing resistant authentication. An Enterprise application […]

Older posts Newer posts