Tag Archives: BFF

Using Blazor with a YARP downstream API protected using certificate authentication

February 7, 2022 · by · in .NET, .NET Core, App Service, ASP.NET Core · 2 Comments

This article shows how to use a downstream API protected with certificate authentication using Microsoft YARP reverse proxy from a Blazor application. The Blazor WASM HTTP requests are sent to a secured backend which uses YARP to forward the requests to the API protected with the certificate authentication. The Blazor application authenticates using the OpenIddict […]

Implement a PWA using Blazor with BFF security and Azure B2C

January 31, 2022 · by · in .NET Core, App Service, ASP.NET Core, Azure, Azure AD, Azure B2C, OAuth2, Security · 4 Comments

The article shows how to implement a progressive web application (PWA) using Blazor which is secured using the backend for frontend architecture and Azure B2C as the identity provider. Code https://github.com/damienbod/PwaBlazorBffAzureB2C Setup and challenges with PWAs The application is setup to implement all security in the trusted backend and reduce the security risks of the […]

Comparing the backend for frontend (BFF) security architecture with an SPA UI using a public API

January 10, 2022 · by · in OAuth2, Security · 5 Comments

This article compares the security architecture of an application implemented using a public UI SPA with a trusted API backend and the same solution implemented using the backend for frontend (BFF) security architecture. The main difference is that the first solution is separated into two applications, implemented and deployed as two where as the second […]

Secure a Blazor WASM ASP.NET Core hosted APP using BFF and OpenIddict

January 3, 2022 · by · in .NET, .NET Core, ASP.NET Core, OAuth2, Security, SQLite, Uncategorized · 4 Comments

This article shows how to implement authentication and secure a Blazor WASM application hosted in ASP.NET Core using the backend for frontend (BFF) security architecture to authenticate. All security is implemented in the backend and the Blazor WASM is a view of the ASP.NET Core application, no security is implemented in the public client. The […]

Securing Blazor Web assembly using Cookies and Auth0

April 12, 2021 · by · in .NET Core, ASP.NET Core, OAuth2, Security, Web · 5 Comments

The article shows how an ASP.NET Core Blazor web assembly UI hosted in an ASP.NET Core application can be secured using cookies. Auth0 is used as the identity provider. The trusted application is protected using the Open ID Connect code flow with a secret and using PKCE. The API calls are protected using the secure […]