Securing OAuth Bearer tokens from multiple Identity Providers in an ASP.NET Core API

Securing OAuth Bearer tokens from multiple Identity Providers in an ASP.NET Core API

Securing OAuth Bearer tokens from multiple Identity Providers in an ASP.NET Core API. This article shows how to secure and use different APIs in an ASP.NET Core API which support OAuth access tokens from multiple identity providers.

This article shows how to secure and use different APIs in an ASP.NET Core API which support OAuth access tokens from multiple identity providers. Access tokens from Azure AD and from Auth0 can be be used to access data from the service. Each API only supports a specific token from the specific identity provider. Microsoft.Identity.Web is used to implement the access token authorization for the Azure AD tokens and the default authorization is used to support the Auth0 access tokens.

Codehttps://github.com/damienbod/SeparatingApisPerSecurityLevel

Setup

An API ASP.NET Core application is created to implement the multiple APIs and accept access tokens created by Auth0 and Azure AD. The access tokens need to be validated and should only work for the intended purpose for which the access token was created. The Azure AD API is used by an ASP.NET Core Razor page application which requests an user access token with the correct scope to access the API. Two Azure AD App registrations are used to define the Azure AD setup. The Auth0 application is implemented using a Blazor server hosted application and accesses the two Auth0 APIs, See the pervious post for details.

security azure ad oauth dotnet dotnet core aspdotnet core

What is Geek Coin

What is GeekCash, Geek Token

Best Visual Studio Code Themes of 2021

Bootstrap 5 Tutorial - Bootstrap 5 Crash Course for Beginners

Nest.JS Tutorial for Beginners

Hello Vue 3: A First Look at Vue 3 and the Composition API

Implement app roles authorization with Azure AD and ASP.NET Core

Implement app roles authorization with Azure AD and ASP.NET Core. This post shows how to implement Azure AD App roles and applied to users or groups in Azure AD. The roles are used in an ASP.NET Core Razor page application as well as a ASP.NET Core API.

Using Azure AD groups authorization in ASP.NET Core for an Azure Blob Storage

This post show how Azure AD groups could be used to implement authorization for an Azure Blob storage and used in an ASP.NET Core Razor page application to authorize the identities. The groups are assigned the roles in the Azure Storage. Azure AD users are added to the Azure AD groups and inherit the group roles. The group ID is added to the claims of the tokens which can be used for authorization in the client application.

Practical Azure: Secure a .NET Core Web API using Azure AD B2C.

The objective of this post is to understand how to secure a .NET Core web API using Azure AD B2C, and how to access that API from an Angular application.

Secure Azure AD User File Upload with Azure AD Storage and ASP.NET Core

This tutorial shows how files can be uploaded to Azure blob storage using ASP.NET Core in a secure way using OAuth and Open ID Connect. Azure AD is used to authenticate the users. The uploaded file descriptions are saved to an SQL database using EF Core so that listing or searching files can be implemented easily.

jQuery Ajax CRUD in ASP.NET Core MVC with Modal Popup

In this article, we’ll discuss how to use jQuery Ajax for ASP.NET Core MVC CRUD Operations using Bootstrap Modal. With jQuery Ajax, we can make HTTP request to controller action methods without reloading the entire page, like a single page application.