Implementing Multiple Identities in your .NET Core Web App – Part 2

Last week we got started implementing multiple identities in a .NET Core web app by using Azure AD B2C: https://blogs.msdn.microsoft.com/azuredev/2018/09/03/implementing-multiple-identities-in-your-net-core-web-app-part-1/ We were able to very quickly get going logging in with both social and corporate identities by clicking through guided wizards. However this approach fell short when we decided to support multiple Azure AD tenants…

5

Implementing Multiple Identities in your .NET Core Web App – Part 1

Software developers have been dealing with the concept of users in their apps for many years, and many of us have implemented simple schemes for computing a hash of the password and rolling our own mechanisms and identity stores to support this. I don’t think I have seen anyone recommend as a best practice that…

4

Passwordless Windows and Azure (mini) Questions and Answers

Microsoft announced a while ago that passwordless authentication is coming to Windows 10. Sjoukje also brought it to attention on this blog: http://blogs.msdn.microsoft.com/azuredev/2018/04/26/azure-content-spotlight-password-less-sign-in-to-azure-windows-10/ Having “unboxed” two new Yubikeys I decided to do an introductory post on the topic. Well, more like a mini Q&A really. While the announcement was clear enough in the message “let’s…

1

Azure Content Spotlight – Password-less Sign-in to Azure & Windows 10

Welcome to another Azure Content Spotlight! These articles are used to highlight items in Azure that could be more visible to the Azure community. Microsoft has made a huge step in their drive to eliminate passwords for good! In the next Windows updates, their adding a limited preview of FIDO2 security key support. This will improve security significantly…

2

Assisted Login Using the OAuth Deviceprofile Flow

Have you ever tried to deal with logging in on an input-constrained device, and thought it wasn’t as easy as you wanted it to be? (Hence the term “constrained”…) There could be any number of devices where it is either a hassle to enter long passwords, or no option at all for that matter. This…

1

Azure Content Spotlight – New Release Notes for Azure Active Directory

Welcome to another Azure Content Spotlight! These articles are used to highlight items in Azure that could be more visible to the Azure community. Microsoft comes up with a new model for publishing detailed release notes and the first set has gone live last week. With this new publishing model for new Azure AD feature releases and plan-for-change communications,…

1

Azure Content Spotlight – New Azure Security Features Overview

Welcome to another Azure Content Spotlight! These articles are used to highlight items in Azure that could be more visible to the Azure community. At Ignite, a lot of new Azure Security features are announced. In this weeks content spotlight I’m going to highlight most of them: Overview of what’s new in Azure Information Protection Overview of what’s…

0

Working with identity in .NET Core 2.0

Last year I did a quick code sample on how to use identity in .NET Core (1.x): https://contos.io/protecting-a-net-core-api-with-azure-active-directory-59bbcd5b3429 Time flies, and just weeks ago I showed how fun/frustrating it can get when we want to secure a SPA with a .NET Core 2.0 back-end: https://blogs.msdn.microsoft.com/azuredev/2017/09/22/protecting-a-net-core-2-0-spa-with-adfs/ As I stated along with the most recent code snippet…

2

DevOps – Using Azure MSI with VSTS – step by step

Hi, [Update]: I have released a custom extension doing all of this on the marketplace. https://marketplace.visualstudio.com/items?itemName=stephane-eyskens.aadv1appprovisioning Microsoft recently announced Azure Managed Service Identity (MSI) which in a nutshell, is a way to avoid storing credentials in code or in locations such as the web.config, the app service settings etc…thanks to an automatically provisioned Service Principal (bootstrap identity) that…