Tag Archives: ASP.NET Core

Using multiple APIs in Angular and ASP.NET Core with Microsoft Entra ID authentication

December 8, 2020 · by · in .NET, .NET Core, angular, App Service, ASP.NET Core, ASPNET5, Azure, MVC, OAuth2, Security · 8 Comments

This article shows how an Angular application could be used to access many APIs in a secure way. An API is created specifically for the Angular UI and the further APIs can only be access from the trusted backend which is under our control. Code: https://github.com/damienbod/MicrosoftEntraIDAuthMicrosoftIdentityWeb Posts in this series History Setup The applications are […]

Securing an ASP.NET Core API which uses multiple access tokens

December 3, 2020 · by · in .NET Core, ASP.NET Core, ASPNET5, MVC, OAuth2, Security · 11 Comments

This post shows how an ASP.NET Core API can authorize API calls which use different access tokens from different identity providers or different access tokens from the same identity provider but created for different clients and containing different claims. The access tokens are validated using JWT Bearer authentication as well as an authorization policy which […]

Using Microsoft Graph API delegated clients in ASP.NET Core

November 20, 2020 · by · in .NET, .NET Core, ASP.NET Core, Azure, OAuth2, Security · 7 Comments

This post shows how Microsoft Graph API can be used in both ASP.NET Core UI web applications and also ASP.NET Core APIs for delegated identity flows. The ASP.NET Core applications are secured using Microsoft.Identity.Web. In the API project, the Graph API client is used in a delegated flow with user access tokens getting an access […]

Implement a Web APP and an ASP.NET Core Secure API using Microsoft Entra ID which delegates to a second API

November 9, 2020 · by · in .NET Core, App Service, ASP.NET Core, Azure, MVC, OAuth2, Security, Web · 4 Comments

This article shows how an ASP.NET Core Web application can authenticate and access a downstream API using user access tokens and delegate to another API in Microsoft Entra ID also using user access tokens. Microsoft.Identity.Web is used in all three applications to acquire the tokens afor the Web API and the access tokens for the […]

Implement a Blazor full text search using Azure Cognitive Search

November 2, 2020 · by · in .NET Core, ASP.NET Core, ASPNET5, Azure, Azure Cognitive Search · 2 Comments

This article shows how to implement a full text search in Blazor using Azure Cognitive Search. The search results are returned using paging and the search index can be created, deleted from a Blazor application. Code: https://github.com/damienbod/AspNetCoreAzureSearch Posts in this series Implement a full text search using Azure Cognitive Search in ASP.NET Core Using Azure […]

Using Azure Cognitive Search Suggesters in ASP.NET Core and Autocomplete

October 29, 2020 · by · in .NET, .NET Core, ASP.NET Core, Azure, Lucene · 4 Comments

This post shows how to implement an autocomplete in an ASP.NET Core Razor Page using Azure Cognitive Search Suggesters. Code: https://github.com/damienbod/AspNetCoreAzureSearch Posts in this series Implement a full text search using Azure Cognitive Search in ASP.NET Core Using Azure Cognitive Search Suggesters in ASP.NET Core and Autocomplete Implement a Blazor full text search using Azure […]

Implement a full text search using Azure Cognitive Search in ASP.NET Core

October 19, 2020 · by · in .NET Core, ASP.NET Core, ASPNET5, Azure, Azure Cognitive Search, Lucene · 1 Comment

This article shows how to implement a full text search in ASP.NET Core using Azure Cognitive Search. The search results are returned using paging and the search index can be created, deleted from an ASP.NET Core Razor Page UI. Code: https://github.com/damienbod/AspNetCoreAzureSearch Posts in this series Implement a full text search using Azure Cognitive Search in […]

Using Key Vault certificates with Microsoft.Identity.Web and ASP.NET Core applications

October 9, 2020 · by · in .NET Core, App Service, Azure, Azure functions, Azure Key Vault, OAuth2, Security · 5 Comments

This post shows how Azure Key Vault certificates can be used with Microsoft.Identity.Web in an ASP.NET Core application which requires a downstream “access_as_user” API. The Microsoft Entra ID App Registrations requires a certificate instead of a client secret. Code: https://github.com/damienbod/MicrosoftEntraIDAuthMicrosoftIdentityWeb Posts in this series History 2023-11-28 Updated to .NET 8 Creating the Key Vault certificates […]

Using Digital Signatures to check integrity of cipher texts in ASP.NET Core Razor Pages

September 1, 2020 · by · in Uncategorized · 2 Comments

This post shows how digital signatures can be implemented to check the integrity of cipher texts in ASP.NET Core Razor Pages. The cipher texts are encrypted with AES symmetric encryption and the key and the IV required to decrypt the texts are encrypted with asymmetric encryption using RSA certificates with a key size of 3072. […]

Encrypting texts for an Identity in ASP.NET Core Razor Pages using AES and RSA

August 22, 2020 · by · in .NET, .NET Core, ASP.NET Core, dotnet, Security, Web · 4 Comments

The article shows how encrypted texts can be created for specific users in an ASP.NET Core Razor page application. Symmetric encryption is used to encrypt the text or the payload. Asymmetric encryption is used to encrypt the AES key and the IV of the symmetric encryptions. Each ASP.NET Core Identity has an associated X509Certificate2 with […]

Older posts Newer posts