Tag Archives: OpenId connect

OpenID Connect back-channel logout using Azure Redis Cache and IdentityServer4

December 18, 2018 · by · in .NET Core, ASP.NET Core, Azure, Deployment, MVC, Security, Web · 12 Comments

This article shows how to implement an OpenID Connect back-channel logout, which uses Azure Redis cache so that the session logout will work with multi instance deployments. Code: https://github.com/damienbod/AspNetCoreBackChannelLogout Posts in this series: OpenID Connect back-channel logout using Azure Redis Cache and IdentityServer4 Using Azure Key Vault with ASP.NET Core and Azure App Services Deploying […]

Implementing a multi-tenant OIDC Azure AD external login for IdentityServer4

August 15, 2018 · by · in ASP.NET Core, dotnet, MVC, OAuth2, Security · 7 Comments

This article shows how to setup a multi-tenant Azure AD external login for IdentityServer4 which uses ASP.NET Core Identity. Code: IdentityServer4 app with Identity Setting up the Azure AD Application registration for multiple tenants An Azure AD Application registration needs to be setup for the Active Directory tenant. Login to the Azure portal and switch […]

OAuth using OIDC Authentication with PKCE for a .NET Core Console Native Application

April 25, 2018 · by · in .NET Core, ASP.NET Core, dotnet, OAuth2, Security · 5 Comments

This article shows how to use a .NET Core console application securely with an API using the RFC 7636 specification. The app logs into IdentityServer4 using the OIDC authorization code flow with a PKCE (Proof Key for Code Exchange). The app can then use the access token to consume data from a secure API. This […]

ASP.NET Core Authorization for Windows, Local accounts

April 19, 2018 · by · in .NET, .NET Core, ASP.NET Core, ASPNET5, OAuth2, Security · 5 Comments

This article shows how authorization could be implemented for an ASP.NET Core MVC application. The authorization logic is extracted into a separate project, which is required by some certification software requirements. This could also be deployed as a separate service. Code: https://github.com/damienbod/AspNetCoreWindowsAuth Blogs in this series: Supporting both Local and Windows Authentication in ASP.NET Core […]

Supporting both Local and Windows Authentication in ASP.NET Core MVC using IdentityServer4

April 15, 2018 · by · in .NET Core, ASP.NET Core, ASPNET5, dotnet, MVC, OAuth2, Security, Web · 14 Comments

This article shows how to setup an ASP.NET Core MVC application to support both users who can login in with a local login account, solution specific, or use a windows authentication login. The identity created from the windows authentication could then be allowed to do different tasks, for example administration, or a user from the […]

Securing an ASP.NET Core MVC application which uses a secure API

February 2, 2018 · by · in .NET, .NET Core, ASP.NET Core, dotnet, MVC, OAuth2, Security, Web · 5 Comments

The article shows how an ASP.NET Core MVC application can implement security when using an API to retrieve data. The OpenID Connect Hybrid flow is used to secure the ASP.NET Core MVC application. The application uses tokens stored in a cookie. This cookie is not used to access the API. The API is protected using […]

Using the dotnet Angular template with Azure AD OIDC Implicit Flow

January 23, 2018 · by · in .NET, .NET Core, angular, ASP.NET Core, ASPNET5, Azure, javascript, MVC, OAuth2, Security, Typescript, Web · 18 Comments

This article shows how to use Azure AD with an Angular application implemented using the Microsoft dotnet template and the angular-auth-oidc-client npm package to implement the OpenID Implicit Flow. The Angular app uses bootstrap 4 and Angular CLI. Code: https://github.com/damienbod/dotnet-template-angular History 2019-09-23 Updated to ASP.NET Core 3.0, OIDC 10.0.8 2018-07-13 Removed static calls to the […]

Creating specific themes for OIDC clients using razor views with IdentityServer4

January 5, 2018 · by · in .NET, .NET Core, ASP.NET Core, ASPNET5, dotnet, MVC, Web · 1 Comment

This post shows how to use specific themes in an ASPNET Core STS application using IdentityServer4. For each OpenId Connect (OIDC) client, a separate theme is used. The theme is implemented using Razor, based on the examples, code from Ben Foster. Thanks for these. The themes can then be customized as required. Code: https://github.com/damienbod/AspNetCoreIdentityServer4Persistence Setup […]

Using an EF Core database for the IdentityServer4 configuration data

December 30, 2017 · by · in .NET Core, MVC, OAuth2, Security, Web · 5 Comments

This article shows how to implement a database store for the IdentityServer4 configurations for the Client, ApiResource and IdentityResource settings using Entity Framework Core and SQLite. This could be used, if you need to create clients, or resources dynamically for the STS, or if you need to deploy the STS to multiple instances, for example […]

Sending Direct Messages using SignalR with ASP.NET Core and Angular

December 5, 2017 · by · in .NET Core, angular, ASP.NET Core, OAuth2, Security, SignalR · 11 Comments

This article shows how SignalR could be used to send direct messages between different clients using ASP.NET Core to host the SignalR Hub and Angular to implement the clients. Code: https://github.com/damienbod/AspNetCoreAngularSignalRSecurity Posts in this series History 2023-01-08 Updated Angular 15, .NET 72021-01-25 Updated Angular 11.1.0 .NET 5, ngrx implementation2020-03-21 updated packages, fixed Admin UI STS2019-08-18 […]

Older posts Newer posts