This article shows how to force phishing resistant authentication for external B2B users using a cross tenant trust. The external users are from a separate tenant and the local tenant needs to trust the multiple factor authentication (MFA) from the other known tenants. This prevents the user having to authenticate again and setup more MFA. […]
This article looks at a new concept for creating application security context models for modern solutions using best practice security. By using security context models in projects, a qualitative and secure authentication solution can be produced quicker and more efficient. At present, too many solution architects try to patch the security architecture after the application […]
This article shows how to provision Azure IoT hub devices using Azure IoT hub device provisioning services (DPS) and ASP.NET Core. The devices are setup using chained certificates created using .NET Core and managed in the web application. The data is persisted in a database using EF Core and the certificates are generated using the […]
The article looks at and explores the new Azure AD cross-tenant synchronization. The feature makes it really easy to implement the technical part of synchronization between different Azure AD tenants. Code: https://github.com/damienbod/Aad-cross-tenant-synchronization Requirements To use this feature, both the source tenant and the target tenant require at least a P1 Azure AD license. The administrator […]
In this post, Blazor and .NET 8 is used to implement a simple website. I took a .NET 7 project, updated it to .NET 8 and tried out some of the new features in .NET 8. Code: https://github.com/damienbod/Hostedblazor8Aad Setup The project was setup using a .NET 7 project which implements an Azure AD authentication using […]
This post looks at onboarding users into an Azure DevOps team or project using Azure AD access packages. The Azure AD access packages are part of the Microsoft Entra Identity Governance and provide a good solution for onboarding internal or external users into your tenant with access to the defined resources. Flow for onboarding Azure […]
This article shows how an ASP.NET Core Razor Page application could implement an automatic sign-out when a user does not use the application for n-minutes. The application is secured using Azure AD B2C. To remove the session, the client must sign-out both on the ASP.NET Core application and the Azure AD B2C identity provider or […]
The article looks at onboarding different Microsoft Entra ID users with a temporary access pass (TAP) and some type of passwordless authentication. An ASP.NET Core application is used to create the Microsoft Entra ID member users which can then use a TAP to setup the account. This is a great way to onboard users in […]
This article looks at setting up Hangfire with ASP.NET Core and an SQL server. Hangfire provides a solution to run recurring jobs and background jobs with an excellent dashboard to monitor the events. Code: https://github.com/damienbod/AspNetCoreHangfire History 2023-02-21 Fix Delete background job to delete recurring job, feedback from Alex The ASP.NET Core application uses two Hangfire […]
This post shows how to implement a Blazor WASM UI hosted in an ASP.NET Core application using multiple identity providers to authenticate. Two confidential OpenID Connect code flow clients with PKCE are used to implement the Blazor authentication. The Blazor WASM and the ASP.NET Core application are a single security context. This is implemented using […]
Software Engineering 