Azure Key Vault is a great way to store your IdentityServer4 signing keys; it is secure, versioned, and gives you access to robust access control mechanisms. However, I keep seeing many Azure Key Vault integrations that miss many of its features by storing the private key as a secret and then downloading the private key on application startup.

Bharat Dwarkani shared on Mar 30, 2020
scottbrady91.com

In this article, we will see how we can skip Identity server 4 login page if we have integrated Azure AD with identity server 4.

Bharat Dwarkani shared on Mar 15, 2020
neelbhatt.com

An issue related to antiforgery that I couldn’t understand at the time. I went with a workaround but thought I’d dig a bit deeper when I have time. Let’s have a look at it together!

Bharat Dwarkani shared on Mar 05, 2020
mderriey.com

But what do you do when you have to access an authenticated API from your application, for which you need the access token or the refresh token that was obtained as part of that sign-in flow?

Bharat Dwarkani shared on Jan 17, 2020
blog.maartenballiauw.be

ASOS (AspNet.Security.OpenIdConnect.Server) is an advanced OAuth2 for ASP.NET Core 1.x and 2.x. In this article, we explain the integration process of ASOS, corresponding to client_credentials and password grant types, to enable:

Bharat Dwarkani shared on Jan 17, 2020
syncfusion.com

In this article, we will create a web application using ASP.NET Core and Angular. We will then implement authentication and policy-based authorization in the application with the help of JWT. The web application will have two roles – Admin and User. The application will have role-based access for each role. We will learn how to configure and validate a JWT.

Bharat Dwarkani shared on Nov 25, 2019
ankitsharmablogs.com

ASP.NET Core identity allows you to implement authentication and authorization for your web applications. While working with ASP.NET Core Identity, at times you need to create default user accounts and roles in the system. In ASP.NET MVC you could have easily done this in Global.asax and Application_Start event handler. In ASP.NET Core the process is a bit different since the application startup process is different. To that end this article explains a way to seed such user and roles data in your a

Bharat Dwarkani shared on Nov 24, 2019
binaryintellect.net

Multi-factor authentication or MFA requires multiple factors to authenticate a user. Two-factor authentication (2FA) is an MFA with two factors. There is no real limit on how many factors we can add but it’s not practical for a user to use many factors as it hurts usability of the application if the login process is too long and complicated. Adding a second factor is usually enough to stop the brute-force and dictionary attacks.

Bharat Dwarkani shared on Nov 24, 2019
deblokt.com

In this tutorial, we are going to cover a simple example of how to implement Role Based Authorization / access control in Asp.Net Core 3.0 using Visual Studio 2019.

Bharat Dwarkani shared on Nov 24, 2019
dotnetdetail.net

So while the benefits of using Single Sign On are obvious and there are many articles about it, a way less discussed topic is Single Sign Out – the process of signing out the user from all web applications which use the same IdP.

Bharat Dwarkani shared on Nov 10, 2019
hajekj.net