Tag Archives: OIDC

Secure Angular application using OpenIddict and ASP.NET Core with BFF

September 25, 2023 · by · in .NET Core, ASP.NET Core, OAuth2 · 11 Comments

The article shows how an Angular nx Standalone UI hosted in an ASP.NET Core application can be secured using cookies. OpenIddict is used as the identity provider. The trusted application is protected using the Open ID Connect code flow with a secret and using PKCE. The API calls are protected using the secure cookie and anti-forgery […]

Implement a secure web application using nx Standalone Angular and an ASP.NET Core server

September 11, 2023 · by · in .NET Core, angular, App Service, ASP.NET Core, Azure, Microsoft Entra External ID, Microsoft Entra ID · 10 Comments

This article shows how to implement a secure web application using Angular and ASP.NET Core. The web application implements the backend for frontend security architecture (BFF) and deploys both technical stack distributions as one web application. HTTP only secure cookies are used to persist the session. Microsoft Entra ID is used as the identity provider […]

Use multiple Microsoft Entra Verified ID credentials in a verification presentation

August 31, 2023 · by · in .NET, .NET Core, ASP.NET Core, dotnet, Microsoft Entra ID, OAuth2, Security, Self Sovereign Identity · 1 Comment

This post shows how a Microsoft Entra ID verified employee credential can be used together with a self attestation credential to unlock a door. Using this, a person can prove they know a code and prove their employee status. Code: https://github.com/swiss-ssi-group/EntraEmployeeUnlockDoor Get your Verified Employee credential To use this app, the Microsoft Entra employee credential […]

ASP.NET Core Logging using Serilog and Azure

August 21, 2023 · by · in .NET Core, App Service, ASP.NET Core, Azure · 10 Comments

This article shows how to implement logging in an ASP.NET Core application using Serilog and Azure as a hosting environment. Code: https://github.com/damienbod/aspnetcore-azure-logging History Priority logging use cases Two types of default logging use cases need to be supported in most software solutions. The application requires near real time logs which can be easily viewed and […]

Securing APIs using ASP.NET Core and OAuth 2.0 DPoP

August 14, 2023 · by · in .NET Core, ASP.NET Core, OAuth2 · 2 Comments

This article shows how an ASP.NET Core application can access an ASP.NET Core API using OAuth Demonstrating Proof-of-Possession (DPoP). This is a really powerful security enhancement which is relatively easy to support. The access tokens should only be used for what the access tokens are intended for. OAuth DPoP helps force this. This solution was […]

Application security context models

May 1, 2023 · by · in Azure, OAuth2, Security, Self Sovereign Identity · 4 Comments

This article looks at a new concept for creating application security context models for modern solutions using best practice security. By using security context models in projects, a qualitative and secure authentication solution can be produced quicker and more efficient. At present, too many solution architects try to patch the security architecture after the application […]

Provision Azure IoT Hub devices using DPS and X.509 certificates in ASP.NET Core

April 17, 2023 · by · in .NET, .NET Core, ASP.NET Core, Azure, dotnet, Microsoft Entra ID, OAuth2 · 2 Comments

This article shows how to provision Azure IoT hub devices using Azure IoT hub device provisioning services (DPS) and ASP.NET Core. The devices are setup using chained certificates created using .NET Core and managed in the web application. The data is persisted in a database using EF Core and the certificates are generated using the […]

Use multiple identity providers from a Blazor WASM ASP.NET Core App secured using BFF

February 14, 2023 · by · in .NET, ASP.NET Core, dotnet, OAuth2, Security, Web · 7 Comments

This post shows how to implement a Blazor WASM UI hosted in an ASP.NET Core application using multiple identity providers to authenticate. Two confidential OpenID Connect code flow clients with PKCE are used to implement the Blazor authentication. The Blazor WASM and the ASP.NET Core application are a single security context. This is implemented using […]

Azure AD Multi tenant Azure App registration consent

January 2, 2023 · by · in ASP.NET Core, Azure, Microsoft Entra External ID, Microsoft Entra ID · 3 Comments

This article looks at Azure Active directory and consent with multi-tenant Azure App registrations. Consent works different depending on the user type, the tenant policies and the required permissions. It is sometimes hard to understand why a user cannot login or where the consent has to be given for a specific Azure App registration which […]

Switch tenants in an ASP.NET Core app using Azure AD with multi tenants

October 31, 2022 · by · in .NET, .NET Core, App Service, ASP.NET Core, Azure, dotnet, Microsoft Entra ID, OAuth2 · 5 Comments

This article shows how to switch between tenants in an ASP.NET Core multi-tenant application using a multi-tenant Azure App registration to implement the identity provider. Azure roles are added to the Azure App registration and this can be used in the separate enterprise applications created from the multi-tenant Azure App registration to assign users and […]

Older posts Newer posts