Tag Archives: groups

ASP.NET Core authorization using Entra External ID CIAM and Azure AD security groups

June 5, 2023 · by · in ASP.NET Core, Azure, Azure AD, Entra CIAM · 3 Comments

This article looks at implementing authorization in Microsoft Entra External ID for customers (CIAM) using Azure AD delegated roles. The roles can be assigned to users or groups in an Azure Enterprise application. Code: https://github.com/damienbod/EntraExternalIdCiam Blogs in this series In Azure AD it has been possible to use roles with users and groups to implement […]

Use Azure PIM with groups in ASP.NET Core

May 15, 2023 · by · in .NET, .NET Core, ASP.NET Core, Azure, Azure AD · 3 Comments

This article shows how to implement Azure Privileged Identity Management access in an ASP.NET Core application using an Azure security group. An Azure Conditional Access Authentication context is used for the Azure administrator giving access to the group for Azure AD users. The Authentication context is setup to require a phishing resistant authentication. An Enterprise application […]

Implementing authorization in Blazor ASP.NET Core applications using Azure AD security groups

February 21, 2022 · by · in .NET Core, ASP.NET Core, Azure, Azure AD, OAuth2, Security · 4 Comments

This article shows how to implement authorization in an ASP.NET Core Blazor application using Azure AD security groups as the data source for the authorization definitions. Policies and claims are used in the application which decouples the descriptions from the Azure AD security groups and the application specific authorization requirements. With this setup, it is […]

Using Azure security groups in ASP.NET Core with an Azure B2C Identity Provider

September 6, 2021 · by · in .NET, .NET Core, ASP.NET Core, Azure B2C · 4 Comments

This article shows how to implement authorization in an ASP.NET Core application which uses Azure security groups for the user definitions and Azure B2C to authenticate. Microsoft Graph API is used to access the Azure group definitions for the signed in user. The client credentials flow is used to authorize the Graph API client with […]

Restricting access to an Azure AD protected API using Azure AD Groups

June 13, 2020 · by · in .NET Core, ASP.NET Core, Azure · 3 Comments

This post shows how to restrict access to an ASP.NET Core API to only allow users from a defined Azure AD group to use a protected API. The API uses an Azure App registration for authorization. The user signs in with an ASP.NET Core Razor page application or an Angular App and can access the […]