Tag Archives: DPoP

Implement a secure MCP server using OAuth DPoP and Duende identity provider

November 3, 2025 · by damienbod · in .NET Core, ASP.NET Core, Azure, MCP, OAuth2, Open AI, OpenId, Security · 1 Comment

This post demonstrates how an ASP.NET Core application can connect to a secure MCP server using OpenID Connect and OAuth. Both applications use Duende IdentityServer as the identity provider. The MCP server requires delegated DPoP access tokens. Code: https://github.com/damienbod/McpOidcOAuth Setup The UI application authenticates with the Duende IdentityServer using OpenID Connect. Upon successful authentication, a […]

Implement client assertions with client credentials flow using OAuth DPoP

May 12, 2025 · by damienbod · in .NET, .NET Core, ASP.NET Core, OAuth2, Security · 3 Comments

This blog looks at implementing client assertions for the client credentials flow using OAuth 2.0 Demonstration of Proof-of-Possession (DPoP). The client credentials flow is an OAuth 2.0 authorization grant type used for machine-to-machine authentication. DPoP further strengthens the security by ensuring that the client possesses a specific key at the time of the request, forcing […]

Software Engineering

Tag Archives: DPoP

Implement a secure MCP server using OAuth DPoP and Duende identity provider

Implement client assertions with client credentials flow using OAuth DPoP

Categories

blogs 1 web, general

blogs 2 security

blogs 3 Azure

blogs 4 SSI DID

blogs 5a

blogs 5b

tools

web

Meta

Archives