Tag Archives: dotnet

Securing APIs using ASP.NET Core and OAuth 2.0 DPoP

August 14, 2023 · by · in .NET Core, ASP.NET Core, OAuth2 · 2 Comments

This article shows how an ASP.NET Core application can access an ASP.NET Core API using OAuth Demonstrating Proof-of-Possession (DPoP). This is a really powerful security enhancement which is relatively easy to support. The access tokens should only be used for what the access tokens are intended for. OAuth DPoP helps force this. This solution was […]

Use a Microsoft Entra Verified ID Employee credential to view paycheck data

August 7, 2023 · by · in .NET Core, ASP.NET Core, Azure, Entra CIAM, Microsoft Entra External ID, Microsoft Entra ID · 1 Comment

This post shows how a Microsoft Entra Verified ID employee credential can be used to access user specific data. This demo shows possible paycheck data from Switzerland. A payment ID can be the printed on the pay slip or the payment document could have a QR Code to scan. The user specific data can then […]

Issue Employee verifiable credentials using Entra Verified ID and ASP.NET Core

July 3, 2023 · by · in .NET, .NET Core, ASP.NET Core, Azure, Microsoft Entra ID · 5 Comments

This article shows how to implement verifiable credentials using Microsoft Entra Verified ID and ASP.NET Core to issue the employee credentials. This solution uses a self sovereign identity (SSI) based technical stack built using open standards and some of the SSI concepts. The credential can be loaded into a wallet belonging to a holder and […]

Reset passwords in ASP.NET Core using delegated permissions and Microsoft Graph

June 19, 2023 · by · in .NET, .NET Core, ASP.NET Core, Azure, Microsoft Entra ID · Leave a comment

This article shows how an administrator can reset passwords for local members of an Azure AD tenant using Microsoft Graph and delegated permissions. An ASP.NET Core application is used to implement the Azure AD client and the Graph client services. Code: https://github.com/damienbod/azuerad-reset Setup Azure App registration The Azure App registration is setup to authenticate with […]

Reset user account passwords using Microsoft Graph and application permissions in ASP.NET Core

June 12, 2023 · by · in .NET, .NET Core, ASP.NET Core, Azure, Microsoft Entra ID · 2 Comments

This article shows how to reset a password for tenant members using a Microsoft Graph application client in ASP.NET Core. An Azure App registration is used to define the application permission for the Microsoft Graph client and the User Administrator role is assigned to the Azure Enterprise application created from the Azure App registration. Code: […]

ASP.NET Core authorization using Entra External ID CIAM and Azure AD security groups

June 5, 2023 · by · in ASP.NET Core, Azure, Entra CIAM, Microsoft Entra ID · 3 Comments

This article looks at implementing authorization in Microsoft Entra External ID for customers (CIAM) using Azure AD delegated roles. The roles can be assigned to users or groups in an Azure Enterprise application. Code: https://github.com/damienbod/EntraExternalIdCiam Blogs in this series In Azure AD it has been possible to use roles with users and groups to implement […]

ASP.NET Core authentication using Microsoft Entra External ID for customers (CIAM)

May 30, 2023 · by · in ASP.NET Core, Azure, Entra CIAM, Microsoft Entra ID · 4 Comments

This article looks at implementing an ASP.NET Core application which authenticates using Microsoft Entra External ID for customers (CIAM). The ASP.NET Core authentication is implemented using the Microsoft.Identity.Web Nuget package. The client implements the OpenID Connect code flow with PKCE and a confidential client. Code: https://github.com/damienbod/EntraExternalIdCiam Posts in this series Microsoft Entra External ID for […]

Blazor and CSP

May 22, 2023 · by · in .NET, .NET Core, ASP.NET Core, Azure, Microsoft Entra ID · 6 Comments

This post looks at the a recent fix for Blazor which I think is of massive importance. You can now develop with Blazor in Visual Studio using a strong CSP. Code: https://github.com/damienbod/Hostedblazor8Aad History When developing applications, the development environment should be as close as possible to the target production deployment. As a rule, the more […]

Trust phishing resistant MFA for cross tenant users

May 8, 2023 · by · in .NET Core, ASP.NET Core, OAuth2, Security, Web · 3 Comments

This article shows how to force phishing resistant authentication for external B2B users using a cross tenant trust. The external users are from a separate tenant and the local tenant needs to trust the multiple factor authentication (MFA) from the other known tenants. This prevents the user having to authenticate again and setup more MFA. […]

Provision Azure IoT Hub devices using DPS and X.509 certificates in ASP.NET Core

April 17, 2023 · by · in .NET, .NET Core, ASP.NET Core, Azure, dotnet, Microsoft Entra ID, OAuth2 · 2 Comments

This article shows how to provision Azure IoT hub devices using Azure IoT hub device provisioning services (DPS) and ASP.NET Core. The devices are setup using chained certificates created using .NET Core and managed in the web application. The data is persisted in a database using EF Core and the certificates are generated using the […]

Older posts Newer posts