Category .NET Core

Implement a secure web application using Vue.js and an ASP.NET Core server

October 2, 2023 · by · in .NET, .NET Core, App Service, ASP.NET Core, Azure, Entra CIAM, Microsoft Entra External ID, Microsoft Entra ID · 1 Comment

This article shows how to implement a secure web application using Vue.js and ASP.NET Core. The web application implements the backend for frontend security architecture (BFF) and deploys both technical stack distributions as one web application. HTTP only secure cookies are used to persist the session. Microsoft Entra ID is used as the identity provider […]

Secure Angular application using OpenIddict and ASP.NET Core with BFF

September 25, 2023 · by · in .NET Core, ASP.NET Core, OAuth2 · 11 Comments

The article shows how an Angular nx Standalone UI hosted in an ASP.NET Core application can be secured using cookies. OpenIddict is used as the identity provider. The trusted application is protected using the Open ID Connect code flow with a secret and using PKCE. The API calls are protected using the secure cookie and anti-forgery […]

Secure Angular application using Auth0 and ASP.NET Core with BFF

September 18, 2023 · by · in .NET Core, angular, ASP.NET Core, javascript, OAuth2, Security, Typescript · 3 Comments

The article shows how an Angular nx Standalone UI hosted in an ASP.NET Core application can be secured using cookies. Auth0 is used as the identity provider. The trusted application is protected using the Open ID Connect code flow with a secret and using PKCE. The API calls are protected using the secure cookie and anti-forgery tokens […]

Implement a secure web application using nx Standalone Angular and an ASP.NET Core server

September 11, 2023 · by · in .NET Core, angular, App Service, ASP.NET Core, Azure, Microsoft Entra External ID, Microsoft Entra ID · 10 Comments

This article shows how to implement a secure web application using Angular and ASP.NET Core. The web application implements the backend for frontend security architecture (BFF) and deploys both technical stack distributions as one web application. HTTP only secure cookies are used to persist the session. Microsoft Entra ID is used as the identity provider […]

Use multiple Microsoft Entra Verified ID credentials in a verification presentation

August 31, 2023 · by · in .NET, .NET Core, ASP.NET Core, dotnet, Microsoft Entra ID, OAuth2, Security, Self Sovereign Identity · 1 Comment

This post shows how a Microsoft Entra ID verified employee credential can be used together with a self attestation credential to unlock a door. Using this, a person can prove they know a code and prove their employee status. Code: https://github.com/swiss-ssi-group/EntraEmployeeUnlockDoor Get your Verified Employee credential To use this app, the Microsoft Entra employee credential […]

ASP.NET Core Logging using Serilog and Azure

August 21, 2023 · by · in .NET Core, App Service, ASP.NET Core, Azure · 10 Comments

This article shows how to implement logging in an ASP.NET Core application using Serilog and Azure as a hosting environment. Code: https://github.com/damienbod/aspnetcore-azure-logging History Priority logging use cases Two types of default logging use cases need to be supported in most software solutions. The application requires near real time logs which can be easily viewed and […]

Securing APIs using ASP.NET Core and OAuth 2.0 DPoP

August 14, 2023 · by · in .NET Core, ASP.NET Core, OAuth2 · 2 Comments

This article shows how an ASP.NET Core application can access an ASP.NET Core API using OAuth Demonstrating Proof-of-Possession (DPoP). This is a really powerful security enhancement which is relatively easy to support. The access tokens should only be used for what the access tokens are intended for. OAuth DPoP helps force this. This solution was […]

Use a Microsoft Entra Verified ID Employee credential to view paycheck data

August 7, 2023 · by · in .NET Core, ASP.NET Core, Azure, Entra CIAM, Microsoft Entra External ID, Microsoft Entra ID · 1 Comment

This post shows how a Microsoft Entra Verified ID employee credential can be used to access user specific data. This demo shows possible paycheck data from Switzerland. A payment ID can be the printed on the pay slip or the payment document could have a QR Code to scan. The user specific data can then […]

Issue Employee verifiable credentials using Entra Verified ID and ASP.NET Core

July 3, 2023 · by · in .NET, .NET Core, ASP.NET Core, Azure, Microsoft Entra ID · 5 Comments

This article shows how to implement verifiable credentials using Microsoft Entra Verified ID and ASP.NET Core to issue the employee credentials. This solution uses a self sovereign identity (SSI) based technical stack built using open standards and some of the SSI concepts. The credential can be loaded into a wallet belonging to a holder and […]

Reset passwords in ASP.NET Core using delegated permissions and Microsoft Graph

June 19, 2023 · by · in .NET, .NET Core, ASP.NET Core, Azure, Microsoft Entra ID · Leave a comment

This article shows how an administrator can reset passwords for local members of an Azure AD tenant using Microsoft Graph and delegated permissions. An ASP.NET Core application is used to implement the Azure AD client and the Graph client services. Code: https://github.com/damienbod/azuerad-reset Setup Azure App registration The Azure App registration is setup to authenticate with […]

Older posts Newer posts