
So while the benefits of using Single Sign On are obvious and there are many articles about it, a far less discussed topic is Single Sign Out – the process of signing the user out of all web applications that use the same IdP.

Bharat Dwarkani shared on Nov 10, 2019
hajekj.net

This article shows two possible ways of getting user claims in an ASP.NET Core application which uses an IdentityServer4 service. Both ways have advantages and require setting different code configurations in both applications.

Bharat Dwarkani shared on Nov 02, 2019
damienbod.com

This is a walkthrough for an ASP.NET Core Authorization Lab, now updated for ASP.NET Core 2.1 and VS2017.

Bharat Dwarkani shared on Oct 26, 2019
github.com

So you’ve built a web API and everything seems to be working fine. But wait! Anyone can access your API: hit the correct URL and boom, your API is connected to. Though that might be heroic of you, it shouldn’t be… I mean after all the bugs and Stack Overflow.

Bharat Dwarkani shared on Oct 19, 2019
medium.com

This article shows how FIDO2 WebAuthn could be used for a passwordless sign-in integrated into an ASP.NET Core Identity application. FIDO2 WebAuthn is implemented using the fido2-net-lib NuGet package and demo code created by Anders Åberg. The application is implemented using ASP.NET Core 3.0 with Identity. For information about FIDO2 and WebAuthn, please refer to the links at the bottom.

Bharat Dwarkani shared on Oct 19, 2019
damienbod.com

Authorization refers to limiting a user's access to the system according to their role. There are different roles in an organization, and we can provide access to resources according to a user's position or role in the organization. There are various techniques for authorization and authentication, like JWT Authentication, Windows Authentication, Cookies Authentication, etc. So, we will be learning cookie-based authentication and authorization with an encrypted password using a Guid data type key.

Bharat Dwarkani shared on Oct 19, 2019
ttmind.com

The aim of this post is to teach you how to implement Identity Authentication & Authorization with ASP.NET Core 3. We will begin with a cookie-cutter Microsoft starter project, and then modify it to use Kendo in a future post.

Bharat Dwarkani shared on Oct 12, 2019
blog.elmah.io

You might have noticed the recent public discussions around how to securely build SPAs – and especially about the “weak security properties” of the OAuth 2.0 Implicit Flow.

Bharat Dwarkani shared on Oct 10, 2019
leastprivilege.com

Being able to sign in with an external login provider (for example Google or Facebook) is a good way to simplify the process of getting new users to your website.

Bharat Dwarkani shared on Sep 28, 2019
blinkingcaret.com

An application running within the context of the browser (e.g. a React or Angular Single Page Application (SPA)) that wants to access an API on behalf of a user. This authenticated API call will be made directly from the user’s browser, and only our application should be able to call it on behalf of our authenticated user (i.e. we’re not vulnerable to Cross-Site Request Forgery (CSRF/XSRF)).

Bharat Dwarkani shared on Sep 15, 2019
scottbrady91.com