Implementing Multiple Identities in your .NET Core Web App – Part 2

Last week we got started implementing multiple identities in a .NET Core web app by using Azure AD B2C: https://blogs.msdn.microsoft.com/azuredev/2018/09/03/implementing-multiple-identities-in-your-net-core-web-app-part-1/ We were able to very quickly get going logging in with both social and corporate identities by clicking through guided wizards. However this approach fell short when we decided to support multiple Azure AD tenants…

5

Implementing Multiple Identities in your .NET Core Web App – Part 1

Software developers have been dealing with the concept of users in their apps for many years, and many of us have implemented simple schemes for computing a hash of the password and rolling our own mechanisms and identity stores to support this. I don’t think I have seen anyone recommend as a best practice that…

4

Assisted Login Using the OAuth Deviceprofile Flow

Have you ever tried to deal with logging in on an input-constrained device, and thought it wasn’t as easy as you wanted it to be? (Hence the term “constrained”…) There could be any number of devices where it is either a hassle to enter long passwords, or no option at all for that matter. This…

1

Accessing The Power BI APIs in a Federated Azure AD Setup

Or the alternative title – combining ADFS w/SAML and Azure AD w/OAuth in the same authentication request just because it is possible πŸ™‚ A few days ago I was asked to look into how the Power BI APIs could work in a kiosk-like use case with regards to the auth part. (People don’t usually consult…

1

Accessing Azure Resources Protected With SAS Tokens Using Tokens Issued by Azure AD

I know, the title is a mouthful, but I wasn’t able to whittle it down without losing context. (Sure, I could have gone the clickbait route I suppose.) Let me setup the scenario for you πŸ™‚ Let’s say you have an IoT lab like described in my previous post: https://blogs.msdn.microsoft.com/azuredev/2017/12/13/controlling-your-iot-home-with-azure-functions-runtime/ The Hue devices let you…

1

Working with identity in .NET Core 2.0

Last year I did a quick code sample on how to use identity in .NET Core (1.x): https://contos.io/protecting-a-net-core-api-with-azure-active-directory-59bbcd5b3429 Time flies, and just weeks ago I showed how fun/frustrating it can get when we want to secure a SPA with a .NET Core 2.0 back-end: https://blogs.msdn.microsoft.com/azuredev/2017/09/22/protecting-a-net-core-2-0-spa-with-adfs/ As I stated along with the most recent code snippet…

2

Protecting a .NET Core 2.0 SPA with ADFS

Today’s identity-related pop quiz: How do you secure a SinglePageApp (SPA) with a .NET Core back-end using ADFS? If you said “there’s probably an official sample for that over at docs.microsoft.com” you’d not be entirely right. Oh, there’s samples, but if you implied “working sample” I dare you to come up with it πŸ™‚ (Well,…

2

Using ADFS as an Identity Provider for Azure AD B2C

Using Azure AD B2C with “regular” Azure AD enabled some new and useful scenarios. Let’s take logins further along the same track while we are at it. To not repeat myself I will assume you have at least skimmed through the previous article: https://blogs.msdn.microsoft.com/azuredev/2017/05/30/azure-ad-b2c-kicking-it-up-a-notch-with-support-for-aad-as-idp/ The integration between B2C and AAD is done through the support…

3

Azure AD B2C – Kicking it up a notch with support for AAD as IdP

I have mentioned AAD B2C before, and it should be your go-to feature if you want to have users logging in to your apps with their “social” identity. Like all Azure services B2C also evolves, and there happens to be a newly released feature I would like to highlight πŸ™‚ While B2C covers the big…


Azure AD – Overview of Libraries

“This whole Azure AD thingy sounds complicated – aren’t there any libraries or something to make life simpler?” Well, I suppose not everyone wants to write everything from scratch πŸ™‚ Short answer: yes, there are libraries. Long answer: there are a number of libraries to choose between. Actually, before committing to a library you need…