An alternative way to secure SPAs (with ASP.NET Core, OpenID Connect, OAuth 2.0 and ProxyKit) - Share Tech Links

An alternative way to secure SPAs (with ASP.NET Core, OpenID Connect, OAuth 2.0 and ProxyKit)

An alternative way to secure SPAs (with ASP.NET Core, OpenID Connect, OAuth 2.0 and ProxyKit)

You might have noticed the recent public discussions around how to securely build SPAs – and especially about the “weak security properties” of the OAuth 2.0 Implicit Flow.

Bharat Dwarkani shared on Oct 10, 2019

leastprivilege.com

#.NET Core #security #authentication

0 25

0 25

View all .NET Core related posts

Tags

authentication x38 deployment x21 security x19 entity-framework x18 docker x15 azure x14 api x13 mediatr x13 get-started x12 identity-server x11 authorization x10 microservices x10 web-api x10 architecture x10 multi-tenant x9 github x9 grpc x8 middleware x7 performance x7 clean-architecture x7 unit-testing x6 open-source x6 swagger x6 design-pattern x6 cqrs x6 health-check x6 linux-hosting x6 identity x6 ml-net x5 ci x5 jwt x5 angular x5 role-based x5 dependency-injection x5 signalr x5 oauth x5 getting-started x4 kubernetes x4 fluent-validation x4 microservice x4 logging x4 video x4 background-service x4 caching x4 aws x4 file-upload x4 framework x4 ddd x4 visual-studio x4 raspberry x4 saas x3 integration-tests x3 worker-service x3 razor x3 seo x3 auto-mapper x3 project-templates x3 background-jobs x3 windows-service x3 graphql x3 sample-project x3 openapi x3 2fa x3 linux x3 library x3 error-handling x3 best-practices x3 rabbitmq x3 async x3 external-authentication x3 nugget x3 analyzers x3 xss x2 google-cloud x2 mongo-db x2 app-settings x2 configuration x2 distributed-apps x2 react x2 azure-function x2 paging x2 app-service x2 polly x2 template x2 aspnetcore x2 twilio x2 machine-learning x2 odata x2 general x2 github-actions x2 api-gateway x2 rate-limiting x2 postgresql x2 migration x2 key-vault x2 testing x2 translation x2 hosting x2 user-management x2 iot x2 code-quality x2 vulnerabilites x1 csrf x1 sql-injection x1 open-redirect x1 hate-os x1 rest-api x1 moq x1 cd x1 jenkins x1 serilog x1 debugging x1 real-time x1 c x1 c x1 benchmarking x1 data-protection x1 background-tasks x1 dapper x1 mocking x1 containers x1 site-maintenance x1 nswag x1 http-client x1 resources x1 url-shortner x1 aspnet x1 grpc x1 performance x1 app-services x1 open-id x1 aurora-database x1 json x1 rss-feed x1 files-storage x1 practical x1 sample x1 documentaion x1 udemy x1 tutorials x1 c x1 net x1 exception x1 server-sent-events x1 push-messages x1 repository-pattern x1 bundling x1 minification x1 tool x1 whatsapp x1 validation x1 heroku x1 email x1 api-response x1 ocelot x1 feature-toggle x1 enums x1 docs x1 redoc x1 nginx x1 ubuntu x1 object-mapper x1 external-exe x1 session x1 query-string x1 publishing x1 refactoring x1 webp x1 cookie x1 tracing x1 filters x1 repository x1 event-grid x1 bff x1 nservice-bus x1 wpf x1 nlog x1 policy-based x1 rss x1 refit x1 nhibernate x1 crud-operations x1 email-templates x1 guid x1 sorting x1 filtering x1 sitemap x1 qrcode x1 quartz x1 csharp x1 ebook x1 artificial-intelligence x1 streaming x1 stripe x1 payment x1 global-filter x1 message-pack x1 routing x1 versioning x1 javascript x1 social-login x1 systemd x1 cognitive-service x1 c x1 feature-management x1 letsencrypt x1 ssl-certificate x1 sass x1 google x1 extensions x1 device-flow x1 localization x1 globalization x1 auth x1 chat-app x1 linq x1 dynamic-query x1 database x1 plugin-system x1 application-insight x1 output-formatter x1 hangfire x1 action-result x1 installation x1 self-contained x1 starter-template x1 boilerplate x1 project-template x1 publish x1 build x1 startup x1 e-commerce x1 api-docs x1 pwa x1