Tag Archives: cybersecurity

Use client assertions in ASP.NET Core using OpenID Connect, OAuth DPoP and OAuth PAR

February 2, 2026 · by · in .NET, .NET Core, ASP.NET Core, aspire, dotnet, e-id, OAuth2, OpenId, Security · 6 Comments

This post looks at implement client assertions in an ASP.NET Core application OpenID Connect client using OAuth Demonstrating Proof of Possession (DPoP) and OAuth Pushed Authorization Requests (PAR). Code: https://github.com/swiss-ssi-group/swiyu-passkeys-idp-loi-loa Blogs in this series: Setup An ASP.NET code application is setup to authentication using OpenID Connect and OAuth PAR. The web application is an OIDC […]

Digital Authentication and Identity validation

December 20, 2025 · by · in e-id, OAuth2, OpenId, Security, Self Sovereign Identity · 5 Comments

This post looks at authentication and identity validation and describes what should be validated and some of the concepts. With the increasing push to move processes to a digital world and the new threat models, authentication and identity validation MUST be implemented in a professional way. Using standards like OpenID Connect, OAuth and OpenID VCs […]

Creating hashes in .NET

July 1, 2024 · by · in .NET Core, ASP.NET Core · 3 Comments

This article looks at different ways to create hashes in .NET Core. Hashes are useful for one way encryption which can be used for password storage, JWT validation and some other security use cases. When storing hashes in a database, extra care must be taken and the recommended approach from Microsoft should be used when […]

Using a CSP nonce in Blazor Web

February 19, 2024 · by · in .NET Core, ASP.NET Core, javascript · 7 Comments

OLD, please refer to the blogs in the github repo. This article shows how to use a CSP nonce in a Blazor Web application using the InteractiveServer server render mode. Using a CSP nonce is a great way to protect web applications against XSS attacks and other such Javascript vulnerabilities. Code: https://github.com/damienbod/BlazorServerOidc Notes The code […]