Identity & Access Control for modern Applications and APIs using ASP.NET Core 6

Modern application design has changed quite a bit in recent years. "Mobile-first" and "cloud-ready" are the types of applications you are expected to develop. Also, to keep pace with these demands, Microsoft has revamped their complete web stack with ASP.NET Core to meet these architectural demands.

  • Nov 29
    Oslo Spektrum
    2 days
    08:00 - 16:00 UTC
    Dominick Baier
    13 490 NOK
  • See workshop is available in other time zones
  • This course will also be held at NDC London 2022

Multi-platform, multi-client, and highly-mobile users bring a new set of challenges, so the approaches of the past are no longer appropriate for modern applications. This two-day workshop is your chance to dive into all things security related to these new technologies. Learn how to securely connect native and browser-based applications to your back-ends and integrate them with enterprise identity management systems as well as social identity providers and services.

Technologies covered:
.NET Core, ASP.NET Core, MVC, Web APIs, Claims, OpenID Connect, OAuth 2.0, WS-Federation, SAML, JSON Web Tokens, Single Sign-on and off, Federation, Delegation, Home Realm, Discovery, CORS

Day 1: Foundation & Authentication

  • Identity & Access Control in .NET Core
  • ASP.NET Core Security Framework
    • Claims-based Identity
    • Cookie-based Authentication
    • Social Logins (e.g. Google, Facebook, Twitter, etc.)
    • OpenID Connect
    • Data Protection
    • Authorization
  • Web Application Patterns
    • Single Sign On / Single Sign Off
    • Claims Transformation
    • Federation Gateway
    • Account & Identity Linking
    • Home Realm Discovery

Day 2: Web APIs & Access Control

  • Securing APIs
    • Architecture & Scenarios
    • Token-based Authentication
  • OAuth 2.0
    • Clients
    • Scopes
    • Flows
    • Token lifetime management
    • Refresh tokens
  • OpenID Connect & OAuth 2.0 combined
    • Server to Server communication
    • Native & mobile Applications
    • SPAs
    • Custom credentials & token requests

Computer Setup:
Attendees will need to bring a computer with the latest .NET Core SDK and the IDE of your choice (e.g. Visual Studio) installed.

Dominick Baier
Duende Software

Dominick spent most of his professional career implementing security systems for his customers and reading protocol specifications. This resulted in a number of popular open-source projects like IdentityServer and IdentityModel. Since 2020 he runs Duende Software Inc together with his longtime friend and colleague Brock Allen. Duende provides a sustainable home for the IdentityServer project and is the one-stop-shop for all things OpenID Connect and OAuth for .NET-based companies.

  • This is an online workshop. Attendees will be invited to join through Webex.
Programutvikling uses cookies to see how you use our website. We also have embeds from YouTube and Vimeo. How do you feel about that?