Bharat Dwarkani

Oct 19, 2019

auth0.com

Learn how to build Web APIs with the new ASP.NET Core 3.0 and how to secure them with Auth0 authentication and authorization features.

Bharat Dwarkani

Oct 10, 2019

leastprivilege.com

You might have noticed the recent public discussions around how to securely build SPAs – and especially about the “weak security properties” of the OAuth 2.0 Implicit Flow.

Bharat Dwarkani

Oct 07, 2019

damienbod.com

This article shows how Vue.js can be used together with ASP.NET Core 3 in a single project. The Vue.js application is built using the Vue.js CLI and built to the wwwroot of the ASP.NET Core application. The ASP.NET Core application is used to implement the APIs consumed by the Vue.js UI. The application is secured using a separate secure token server, implemented using IdentityServer4 hosted in an ASP.NET Core 3 application.

Bharat Dwarkani

Sep 25, 2019

c-sharpcorner.com

In this article, you will learn about ASP.NET Core security headers.

Bharat Dwarkani

Sep 15, 2019

scottbrady91.com

In the IdentityServer world authorization code with PKCE now replaces OpenID Connect's (OIDC) hybrid flow as our most secure authorization method; however, not all client libraries or even OpenID Providers support PKCE yet. An alternative approach that gives a comparatively high level of assurance is to use the OIDC hybrid flow in combination with encrypted identity tokens via JSON Web Encryption (JWE).

Bharat Dwarkani

Sep 15, 2019

scottbrady91.com

Password Authenticated Key Exchange (PAKE) is one of those odd protocols that sounds like a great idea, but one that no one seems to be using. Even then, it seems no one can agree upon a good implementation. Secure Remote Password (SRP) is the most common implementation, found in use by Apple and 1Password; however, it is far from perfect.

Bharat Dwarkani

Sep 05, 2019

github.com

Quick basic .NET security tips for developers.

Bharat Dwarkani

Sep 03, 2019

microsoft.github.io

It is very important to keep secrets and settings out of source code to make sure that they can be changed easily and can be secured. A good way to do that is to store your secrets and settings in a central service. Azure provides a service like that, and it's called Azure App Configuration.

Bharat Dwarkani

Aug 30, 2019

auth0.com

A practical tutorial showing how to use JSON Web Tokens in ASP.NET Core 2 applications.

Bharat Dwarkani

Aug 22, 2019

docs.microsoft.com

ASP.NET Core and EF contain features that help you secure your apps and prevent security breaches like Cross-site scripting attacks, SQL injection attacks, Cross-Site Request Forgery (CSRF), Open redirect attacks, etc.
