search

OAuth 2.0 is an industry-standard protocol for authorization. It is designed to accommodate a wide range of applications such as web, desktop, and mobile apps by applying specific authorization processes. A different grant type is specified for each use case. Today we will be discussing the Client Credentials grant type

Bharat Dwarkani shared on Sep 07, 2019
image
espressocoder.com
bookmarks
share
visibility20
visibility20 share bookmarks

Facebook, Google, and external provider authentication in ASP.NET Core describes how to enable users to sign in using OAuth 2.0 with credentials from external authentication providers. The approach described in that topic includes ASP.NET Core Identity as an authentication provider. This sample demonstrates how to use an external authentication provider without ASP.NET Core Identity.

Bharat Dwarkani shared on Aug 28, 2019
image
docs.microsoft.com
bookmarks
share
visibility78
visibility78 share bookmarks

The article shows how to implement user management for an ASP.NET Core application using ASP.NET Core Identity. The application uses custom claims, which need to be added to the user identity after a successful login, and then an ASP.NET Core policy is used to authorize the identity.

Bharat Dwarkani shared on Aug 19, 2019
image
damienbod.com
bookmarks
share
visibility15
visibility15 share bookmarks

There is no doubt that external provider authentication is a must-have feature in new modern applications and makes sense because users are able to easily register new accounts and also login using their social account credentials. The entire process is based on OAuth 2.0 flows which were presented in detail in the OAuth 2.0, OpenID Connect & IdentityServer blog post of the ASP.NET Core Identity Series.

Bharat Dwarkani shared on Aug 19, 2019
image
chsakell.com
bookmarks
share
visibility7
visibility7 share bookmarks

If you want to add more security, you must ask for a second authentication. That's what is called a two-factor authentication (2FA). Commonly, you have a device (specialized or a smartphone) that give you a number to write down on the computer after you entered your password. So, even if your password is compromised, an attacker cannot access your account.

Bharat Dwarkani shared on Aug 18, 2019
image
meziantou.net
bookmarks
share
visibility8
visibility8 share bookmarks

This article shows how Fido2 WebAuthn could be used as 2FA and integrated into an ASP.NET Core Identity application. The Fido2 WebAuthn is implemented using the fido2-net-lib Nuget package, and demo code created by Anders Åberg. The application is implemented using ASP.NET Core 3.0 with Identity.

Bharat Dwarkani shared on Aug 18, 2019
image
damienbod.com
bookmarks
share
visibility60
visibility60 share bookmarks
add