This post shows how to implement an autocomplete in an ASP.NET Core Razor Page using Azure Cognitive Search Suggesters. Code: https://github.com/damienbod/AspNetCoreAzureSearch Posts in this series Implement a full text search using Azure Cognitive Search in ASP.NET Core Using Azure Cognitive Search Suggesters in ASP.NET Core and Autocomplete Implement a Blazor full text search using Azure […]
This post shows how to use encrypted access tokens with Microsoft Entra ID App registrations using Microsoft.Identity.Web. By using encrypted access tokens, only applications with access to the private key can decrypt the tokens. When using encrypted tokens, you can prevent access tokens data being used or read by such tools as https://jwt.ms or https://jwt.io […]
This article shows how to implement a full text search in ASP.NET Core using Azure Cognitive Search. The search results are returned using paging and the search index can be created, deleted from an ASP.NET Core Razor Page UI. Code: https://github.com/damienbod/AspNetCoreAzureSearch Posts in this series Implement a full text search using Azure Cognitive Search in […]
This post shows how Azure Key Vault certificates can be used with Microsoft.Identity.Web in an ASP.NET Core application which requires a downstream “access_as_user” API. The Microsoft Entra ID App Registrations requires a certificate instead of a client secret. Code: https://github.com/damienbod/MicrosoftEntraIDAuthMicrosoftIdentityWeb Posts in this series History 2023-11-28 Updated to .NET 8 Creating the Key Vault certificates […]
This post shows how to implement an Microsoft Entra ID client credential flows to access an API for a service-to-service connection. No user is involved in this flow. A client certificate (Private Key JWT authentication) is used to get the access token and the token is used to access the API which is then used […]
This post shows how to implement OAuth security for an Azure Function using user-access JWT Bearer tokens created using Microsoft Entra ID and App registrations. A client web application implemented in ASP.NET Core is used to authenticate and the access token created for the identity is used to access the API implemented using Azure Functions. […]
This post shows how an Azure Key Vault can be protected inside an Azure virtual network. The deployment is setup so that only applications in the same VNET can access the Key Vault. To implement this, the access to the Key Vault is restricted to the VNET and secondly, the applications accessing the Key Vault […]
In this post, an Azure Function is deployed in a Azure Virtual Network and the access to the Azure Function is restricted so that it cannot be reach from the Internet. Only Applications deployed in the same VNET can access the Azure Functions. Code: https://github.com/damienbod/AzureFunctionsSecurity History Blogs in the series Target Setup The Virtual network […]
This article shows how to secure Azure Functions using X509 certificates. The client is required to send a specific certificate to access the Azure Function. Code: https://github.com/damienbod/AzureFunctionsSecurity History Blogs in the series Setup the Azure Function to require certificates A Dedicated (App Service) plan is used, so that certificates can be set to required for […]
This post shows how digital signatures can be implemented to check the integrity of cipher texts in ASP.NET Core Razor Pages. The cipher texts are encrypted with AES symmetric encryption and the key and the IV required to decrypt the texts are encrypted with asymmetric encryption using RSA certificates with a key size of 3072. […]
Software Engineering 