This is the third part of the tutorial which will cover Using Azure AD B2C tenant with ASP.NET Web API 2 and various front-end clients. Azure Active Directory B2C Overview and Policies Management – (Part 1) Secure ASP.NET Web API 2 using Azure AD B2C – (Part 2) Integrate Azure Active Directory B2C with ASP.NET MVC Web App (This […]
Secure ASP.NET Web API 2 using Azure AD B2C – Part 2
This is the second part of the tutorial which will cover Using Azure AD B2C tenant with ASP.NET Web API 2 and various front end clients. Azure Active Directory B2C Overview and Policies Management – (Part 1) Secure ASP.NET Web API 2 using Azure AD B2C – (This Post) Integrate Azure Active Directory B2C with ASP.NET MVC Web App (Part […]
Azure Active Directory B2C Overview and Policies Management – Part 1
Prior joining Microsoft I was heavily involved in architecting and building a large scale HTTP API which will be consumed by a large number of mobile application consumers on multiple platforms (iOS, Android, and Windows Phone). Securing the API and architecting the Authentication and Authorization part for the API was one of the large and challenging […]
Secure ASP.NET Web API using API Key Authentication – HMAC Authentication
Recently I was working on securing ASP.NET Web API HTTP service that will be consumed by a large number of terminal devices installed securely in different physical locations, the main requirement was to authenticate calls originating from those terminal devices to the HTTP service and not worry about the users who are using it. So first thing came to my […]
AngularJS Authentication Using Azure Active Directory Authentication Library (ADAL)
In my previous post Secure ASP.NET Web API 2 using Azure Active Directory I’ve covered how to protect Web API end points using bearer tokens issued by Azure Active Directory, and how to build a desktop application which acts as a Client. This Client gets the access token from the Authorization Server (Azure Active Directory) then use this bearer access […]
JSON Web Token in ASP.NET Web API 2 using Owin
In the previous post Decouple OWIN Authorization Server from Resource Server we saw how we can separate the Authorization Server and the Resource Server by unifying the “decryptionKey” and “validationKey” key values in machineKey node in the web.config file for the Authorization and the Resource server. So once the user request an access token from the Authorization server, the Authorization server will use this unified […]
Decouple OWIN Authorization Server from Resource Server
Recently I’ve received lot of comments and emails asking how we can decouple the OWIN Authorization Server we’ve built in the previous posts from the resources we are protecting. If you are following the posts mentioned below you will notice that we’ve only one software component (API) which plays both roles: Authorization Server and Resource Server. […]
Secure ASP.NET Web API 2 using Azure Active Directory, Owin Middleware, and ADAL
Recently I’ve been asked by many blog readers on how to secure ASP.NET Web API 2 using Azure Active Directory, in other words we want to outsource the authentication part from the Web API to Microsoft Azure Active Directory (AD). We have already seen how the authentication can be done with local database accounts, and social identity providers, so in this […]
Building ASP.Net Web API RESTful Service – Part 8
This is the eight part of Building ASP.Net Web API RESTful Service Series. The topics we’ll cover are: Building the Database Model using Entity Framework Code First – Part 1. Applying the Repository Pattern for the Data Access Layer – Part 2. Getting started with ASP.Net Web API – Part 3. Implement Model Factory, Dependency Injection […]