ASP.NET Identity 2.1 is the latest membership and identity management framework provided by Microsoft, this membership system can be plugged to any ASP.NET framework such as Web API, MVC, Web Forms, etc... In this tutorial we'll cover how to … [Continue reading]
I still clearly remember staying late at the office after reading this inspirational post by Scott Hanselman asking myself why not to start a new blog, I have a good knowledge in the ASP.NET stack so why not to share this with the community through … [Continue reading]
Recently I was working on securing ASP.NET Web API HTTP service that will be consumed by a large number of terminal devices installed securely in different physical locations, the main requirement was to authenticate calls originating from … [Continue reading]
In my previous post Secure ASP.NET Web API 2 using Azure Active Directory I've covered how to protect Web API end points using bearer tokens issued by Azure Active Directory, and how to build a desktop application which acts as a Client. This Client … [Continue reading]
One of the main new features of ASP.NET 5 is unifying the programming model and combining MVC, Web API, and Web Pages in single framework called MVC 6. In previous versions of ASP.NET (MVC 4, and MVC 5) there were overlapping in the features between … [Continue reading]
In the previous post Decouple OWIN Authorization Server from Resource Server we saw how we can separate the Authorization Server and the Resource Server by unifying the "decryptionKey" and "validationKey" key values in machineKey node in … [Continue reading]
Last week I was looking on how to enable Two Factor Authentication in a RESTful ASP.NET Web API service using Soft Tokens not SMS. Most of the examples out there show how to implement this in MVC application where there will be some cookies … [Continue reading]
Recently I've received lot of comments and emails asking how we can decouple the OWIN Authorization Server we've built in the previous posts from the resources we are protecting. If you are following the posts mentioned below you will notice that … [Continue reading]
Recently I've been asked by many blog readers on how to secure ASP.NET Web API 2 using Azure Active Directory, in other words we want to outsource the authentication part from the Web API to Microsoft Azure Active Directory (AD). We have already seen … [Continue reading]
Recently I was working on designing and implementing a large scale RESTful API using ASP.NET Web API, this RESTful API contains large number of endpoints with different data models used in the request/response payloads. Proper documentation and … [Continue reading]