Tag Archives: .NET 5

Require user password verification with ASP.NET Core Identity to access Razor Page

February 19, 2021 · by · in .NET Core, ASP.NET Core, ASPNET5, Security, Validation, Web · 4 Comments

This post shows how an ASP.NET Core application which uses ASP.NET Core Identity to authenticate and authorize users of the application can be used to require user password verification to view specific Razor pages in the application. If the user opens one of the Razor pages which require a password verification to open the page, […]

Implement OAUTH Device Code Flow with Azure AD and ASP.NET Core

January 28, 2021 · by · in .NET, ASP.NET Core, Azure, MVC, OAuth2, Security, Web · 2 Comments

The post shows how the Device Code flow (RFC 8628) could be implemented in an ASP.NET Core web application which uses Azure AD as an identity provider. An Azure App registration is used to setup the client. This solution would be useful for input constrained devices which have a browser and need to authenticate identities. […]

Protecting legacy APIs with an ASP.NET Core Yarp reverse proxy and Azure AD OAuth

January 11, 2021 · by · in .NET, ASP.NET Core, ASPNET5, Azure, OAuth2, Security · 2 Comments

This article shows how a legacy API could be protected using an ASP.NET Core Yarp reverse proxy and Azure AD OAuth. The security is implemented using Azure AD and Microsoft.Identity.Web. Sometimes it is not possible to update an existing or old API within a reasonable price and the financially best way to use it in […]

Azure AD Access Token Lifetime Policy Management in ASP.NET Core

January 5, 2021 · by · in .NET Core, ASP.NET Core, Azure · 1 Comment

This article shows how the lifespan of access tokens can be set and managed in Azure AD using ASP.NET Core Razor pages with Microsoft Graph API and token lifetime policies. A TokenLifetimePolicy can be created for the whole tenant or used for specific Azure App Registrations. Code: Azure AD Token Management Posts in this series […]

Using multiple APIs in Angular and ASP.NET Core with Azure AD authentication

December 8, 2020 · by · in .NET, .NET Core, angular, App Service, ASP.NET Core, ASPNET5, Azure, MVC, OAuth2, Security · 8 Comments

This article shows how an Angular application could be used to access many APIs in a secure way. An API is created specifically for the Angular UI and the further APIs can only be access from the trusted backend which is under our control. Code: https://github.com/damienbod/AzureADAuthRazorUiServiceApiCertificate Posts in this series Implement Azure AD Client credentials […]