Tag Archives: technology

Digital Authentication and Identity validation

December 20, 2025 · by · in e-id, OAuth2, OpenId, Security, Self Sovereign Identity · 3 Comments

This post looks at authentication and identity validation and describes what should be validated and some of the concepts. With the increasing push to move processes to a digital world and the new threat models, authentication and identity validation MUST be implemented in a professional way. Using standards like OpenID Connect, OAuth and OpenID VCs […]

Implement MFA using swiyu, the Swiss E-ID with Duende IdentityServer, ASP.NET Core Identity and .NET Aspire

November 10, 2025 · by · in .NET Core, ASP.NET Core, e-id, OAuth2, OpenId, Security, Self Sovereign Identity · 4 Comments

The post shows how to use the Swiss Digital identity and trust infrastructure, (swiyu) as an MFA method in an ASP.NET Core web application using ASP.NET Core Identity and Duende IdentityServer. The generic containers from swiyu are used to integrate the Swiss E-ID and the OpenID for Verifiable Presentations standards. Code: https://github.com/swiss-ssi-group/swiyu-idp-mfa-aspire-aspnetcore Blogs in this […]

Implement a secure MCP server using OAuth DPoP and Duende identity provider

November 3, 2025 · by · in .NET Core, ASP.NET Core, Azure, MCP, OAuth2, Open AI, OpenId, Security · 1 Comment

This post demonstrates how an ASP.NET Core application can connect to a secure MCP server using OpenID Connect and OAuth. Both applications use Duende IdentityServer as the identity provider. The MCP server requires delegated DPoP access tokens. Code: https://github.com/damienbod/McpOidcOAuth Setup The UI application authenticates with the Duende IdentityServer using OpenID Connect. Upon successful authentication, a […]

Implement a secure MCP OAuth desktop client using OAuth and Entra ID

October 16, 2025 · by · in .NET, .NET Core, ASP.NET Core, Azure, Entra CIAM, MCP, Microsoft Entra External ID, Microsoft Entra ID, OAuth2, Open AI, Security · 1 Comment

The article demonstrates how to implement a secure MCP OAuth desktop client using Microsoft Entra ID. The MCP server is built with ASP.NET Core and secured using Microsoft Entra ID. The MCP client is a .NET console application that must acquire an OAuth access token to interact with the MCP server. Code: https://github.com/damienbod/McpSecurity Setup A […]

Implement a secure MCP server using OAuth and Entra ID

September 23, 2025 · by · in .NET, .NET Core, ASP.NET Core, dotnet, Entra CIAM, MCP, Microsoft Entra External ID, OAuth2, Open AI, OpenId · 2 Comments

The article shows how to implement a secure model context protocol (MCP) server using OAuth and Entra ID. The MCP server is implemented using ASP.NET Core and uses Microsoft Entra ID to secure the API. An ASP.NET Core application using Azure OpenAI and semantic kernel is used to implement the MCP client for the agent […]

Reset Cookies and force new sign-in using ASP.NET Core Identity

August 18, 2025 · by · in Uncategorized · 3 Comments

This post looks at implementing a cookie reset in an ASP.NET Core application using Duende identity server which federates to Entra ID. Sometimes cookies need to be reset for end users due to size problems, or unknown remote authentication server errors. The cookies can be cleared and a new sign in can be forced. Code: […]

Issue and verify credentials using the Swiss Digital identity public beta, ASP.NET Core and .NET Aspire

August 4, 2025 · by · in ASP.NET Core, aspire, e-id, OAuth2, OpenId, Security, Self Sovereign Identity · 6 Comments

This post shows how to issue and verify identities (verifiable credentials) using the Swiss Digital identity and trust infrastructure, (swiyu), ASP.NET Core and .NET Aspire. The swiyu infrastructure is implemented using the provided generic containers which implement the OpenID for Verifiable Credential Issuance and the OpenID for Verifiable Presentations standards as well as many other […]

Revisiting using a Content Security Policy (CSP) nonce in Blazor

May 26, 2025 · by · in Uncategorized · 2 Comments

This blog looks at implementing a strong Content Security Policy (CSP) in web applications implemented using Blazor and ASP.NET Core. When implementing CSP, I always recommend using a CSP nonce or at least CSP hashes. If a technical stack does not support CSP nonces, you should probably avoid using this solution when implementing secure and […]

Customizing a single client sign-in using parameters in Duende IdentityServer

February 17, 2025 · by · in .NET, .NET Core, ASP.NET Core, dotnet, OAuth2, Security · 2 Comments

This post looks at customizing the sign-in UI and the sign-in options in an ASP.NET Core application using Duende IdentityServer and ASP.NET Core Identity. There are multiple ways of changing the look and feel of the UI for different OpenID Connect clients or different client flows. In the previous post, the UI was customized per […]

ASP.NET Core user delegated access token management

January 15, 2025 · by · in .NET Core, ASP.NET Core, dotnet · 3 Comments

The article looks at managing user delegated access tokens for a downstream API in an ASP.NET Core web application. There are many ways of implementing this, all with advantages and disadvantages. The tokens are requested from an OpenID Connect server using the recommended standards. In this blog, the UI access token from the application authentication […]

Older posts