Tag Archives: cloud

Digital Authentication and Identity validation

December 20, 2025 · by · in e-id, OAuth2, OpenId, Security, Self Sovereign Identity · Leave a comment

This post looks at authentication and identity validation and describes what should be validated and some of the concepts. With the increasing push to move processes to a digital world and the new threat models, authentication and identity validation MUST be implemented in a professional way. Using standards like OpenID Connect, OAuth and OpenID VCs […]

Implement a secure MCP server using OAuth and Entra ID

September 23, 2025 · by · in .NET, .NET Core, ASP.NET Core, dotnet, Entra CIAM, MCP, Microsoft Entra External ID, OAuth2, Open AI, OpenId · 2 Comments

The article shows how to implement a secure model context protocol (MCP) server using OAuth and Entra ID. The MCP server is implemented using ASP.NET Core and uses Microsoft Entra ID to secure the API. An ASP.NET Core application using Azure OpenAI and semantic kernel is used to implement the MCP client for the agent […]

Reset Cookies and force new sign-in using ASP.NET Core Identity

August 18, 2025 · by · in Uncategorized · 3 Comments

This post looks at implementing a cookie reset in an ASP.NET Core application using Duende identity server which federates to Entra ID. Sometimes cookies need to be reset for end users due to size problems, or unknown remote authentication server errors. The cookies can be cleared and a new sign in can be forced. Code: […]

Issue and verify credentials using the Swiss Digital identity public beta, ASP.NET Core and .NET Aspire

August 4, 2025 · by · in ASP.NET Core, aspire, e-id, OAuth2, OpenId, Security, Self Sovereign Identity · 6 Comments

This post shows how to issue and verify identities (verifiable credentials) using the Swiss Digital identity and trust infrastructure, (swiyu), ASP.NET Core and .NET Aspire. The swiyu infrastructure is implemented using the provided generic containers which implement the OpenID for Verifiable Credential Issuance and the OpenID for Verifiable Presentations standards as well as many other […]

Handling OpenID Connect error events in ASP.NET Core

June 2, 2025 · by · in .NET, .NET Core, ASP.NET Core, dotnet, OAuth2, Security · 1 Comment

ASP.NET Core provides great extension points for handling OpenID Connect error events. This blog looks at implementing error handling in an ASP.NET Core application implemented using ASP.NET Core Identity. Code: https://github.com/damienbod/IdentityExternalErrorHandling Setup The application uses OpenID Connect to implement the authentication of the user identities. This implements a standard OpenID Connect flow and uses Microsoft […]

Using multiple external identity providers from ASP.NET Core Identity and Duende IdentityServer

May 19, 2025 · by · in .NET Core, ASP.NET Core · 1 Comment

This blog post shows how an ASP.NET Core Identity application can integrate and implement multiple external identity providers. An OIDC client UI uses the solution and is implemented using Duende IdentityServer. The same scheme is used for all the external providers and mapped to the identity for the client UI and the application. Using OpenID […]

ASP.NET Core delegated Microsoft OBO access token management (Entra only)

March 25, 2025 · by · in .NET, .NET Core, App Service, Azure, dotnet, Microsoft Entra ID, OAuth2, Security · 1 Comment

This blog shows how to implement a delegated Microsoft On-Behalf-Of flow in ASP.NET Core, and has a focus on access token management. The solution uses Microsoft.Identity.Web to implement the different flows and it really simple to implement, when you know how to use the Nuget package and use the correct Microsoft documentation. The application can […]

Use client assertions in OpenID Connect and ASP.NET Core

February 24, 2025 · by · in .NET, .NET Core, ASP.NET Core, OAuth2, Security · 3 Comments

Client assertions is a method of client authentication which can be used in OpenID Connect. This provides an alternative to client secrets. This approach enhances security by using signed tokens (JWTs) to authenticate clients during the token request process or the OAuth PAR request. In ASP.NET Core, client assertions is not supported per default, a […]

Customizing a single client sign-in using parameters in Duende IdentityServer

February 17, 2025 · by · in .NET, .NET Core, ASP.NET Core, dotnet, OAuth2, Security · 2 Comments

This post looks at customizing the sign-in UI and the sign-in options in an ASP.NET Core application using Duende IdentityServer and ASP.NET Core Identity. There are multiple ways of changing the look and feel of the UI for different OpenID Connect clients or different client flows. In the previous post, the UI was customized per […]

ASP.NET Core user application access token management

January 20, 2025 · by · in .NET Core, ASP.NET Core, dotnet, OAuth2, Security · 3 Comments

This article looks at management application access tokens in an ASP.NET Core web application. Any application with or without a user can use application access tokens as long as the application can persist the tokens in a safe way. Code: https://github.com/damienbod/token-mgmt-ui-application Blogs in this series Setup The ASP.NET Core web application authenticates using OpenID Connect […]

Older posts