Tag Archives: OpenId connect

Securing a MudBlazor UI web application using security headers and Microsoft Entra ID

December 13, 2023 · by · in .NET Core, App Service, ASP.NET Core, Azure, dotnet, Microsoft Entra ID, OAuth2, Security · 5 Comments

This article shows how a Blazor application can be implemented in a secure way using MudBlazor UI components and Microsoft Entra ID as an identity provider. The MudBlazor UI components adds some inline styles and requires a specific CSP setup due to this and the Blazor WASM script requirements. Code: https://github.com/damienbod/MicrosoftEntraIDMudBlazor Setup The application is […]

Authentication with multiple identity providers in ASP.NET Core

November 13, 2023 · by · in .NET Core, ASP.NET Core, dotnet, OAuth2 · 2 Comments

This article shows how to implement authentication in ASP.NET Core using multiple identity providers or secure token servers. When using multiple identity providers, the authentication flows need to be separated per scheme for the sign-in flow and the sign-out flow. The claims are different and would require mapping logic depending on the authorization logic of […]

Fix missing tokens when using downstream APIs and Microsoft Identity in ASP.NET Core

October 18, 2023 · by · in ASP.NET Core, Azure, Entra CIAM, graph, Microsoft Entra External ID, Microsoft Entra ID, OAuth2, Security · 2 Comments

This article shows how a secure ASP.NET Core application can use Microsoft Entra ID downstream APIs and an in-memory cache. When using in-memory cache and after restarting an application, the tokens are missing for a value session stored in the cookie. The application needs to recover. Code: https://github.com/damienbod/bff-aspnetcore-angular OpenID Connect client setup The ASP.NET Core […]

Implement a secure web application using Vue.js and an ASP.NET Core server

October 2, 2023 · by · in .NET, .NET Core, App Service, ASP.NET Core, Azure, Entra CIAM, Microsoft Entra External ID, Microsoft Entra ID · 1 Comment

This article shows how to implement a secure web application using Vue.js and ASP.NET Core. The web application implements the backend for frontend security architecture (BFF) and deploys both technical stack distributions as one web application. HTTP only secure cookies are used to persist the session. Microsoft Entra ID is used as the identity provider […]

Use multiple identity providers from a Blazor WASM ASP.NET Core App secured using BFF

February 14, 2023 · by · in .NET, ASP.NET Core, dotnet, OAuth2, Security, Web · 7 Comments

This post shows how to implement a Blazor WASM UI hosted in an ASP.NET Core application using multiple identity providers to authenticate. Two confidential OpenID Connect code flow clients with PKCE are used to implement the Blazor authentication. The Blazor WASM and the ASP.NET Core application are a single security context. This is implemented using […]

Implement the OAUTH 2.0 Token Exchange delegated flow between an Microsoft Entra ID API and an API protected using OpenIddict

January 9, 2023 · by · in .NET, .NET Core, ASP.NET Core, Azure, Microsoft Entra ID · 5 Comments

This article shows how to implement the OAUTH 2.0 Token Exchange RFC 8693 delegated flow between two APIs, one using Microsoft Entra ID to authorize the HTTP requests and a second API protected using OpenIddict. The Microsoft Entra ID protected API uses the OAUTH 2.0 Token Exchange RFC 8693 delegated flow to get a new […]

Implement the On Behalf Of flow between an Azure AD protected API and an API protected using OpenIddict

October 3, 2022 · by · in .NET, .NET Core, ASP.NET Core, Azure, Microsoft Entra ID · 7 Comments

This article shows how to implement the On Behalf Of flow between two APIs, one using Azure AD to authorize the HTTP requests and a second API protected using OpenIddict. The Azure AD protected API uses the On Behalf Of flow (OBO) to get a new OpenIddict delegated access token using the AAD delegated access […]

ASP.NET Core Api Auth with multiple Identity Providers

September 19, 2022 · by · in .NET, .NET Core, ASP.NET Core, Azure, OAuth2, Security · 8 Comments

This article shows how an ASP.NET Core API can be secured using multiple access tokens from different identity providers. ASP.NET Core schemes and policies can be used to set this up. Code: https://github.com/damienbod/AspNetCoreApiAuthMultiIdentityProvider History 2023-04-29 Updated packages and revert to default JWT authorization packages due to errors on update. The ASP.NET Core API has a […]

Add Fido2 MFA to an OpenIddict identity provider using ASP.NET Core Identity

July 4, 2022 · by · in .NET, .NET Core, ASP.NET Core, OAuth2, Security, Web · 5 Comments

This article shows how to add Fido2 multi-factor authentication to an OpenID Connect identity provider using OpenIddict and ASP.NET Core Identity. OpenIddict implements the OpenID Connect standards and ASP.NET Core Identity is used for the user accounting and persistence of the identities. Code: https://github.com/damienbod/AspNetCoreOpeniddict I began by creating an OpenIddict web application using ASP.NET Core […]

Transforming identity claims in ASP.NET Core and Cache

March 16, 2022 · by · in .NET, ASP.NET Core, Azure, dotnet, Microsoft Entra External ID, Microsoft Entra ID, OAuth2, Security · 5 Comments

The article shows how to add extra identity claims to an ASP.NET Core application which authenticates using the Microsoft.Identity.Web client library and Azure AD B2C or Azure AD as the identity provider (IDP). This could easily be switched to OpenID Connect and use any IDP which supports OpenID Connect. The extra claims are added after […]

Older posts Newer posts