In-depth walkthrough on the device code authentication flow which can be used by browserless and input-limited devices.

Shows how to know if an HTTP request came from Application Insights availability tests.

Checking out the new ActionResult<T> class coming in ASP.NET Core 2.1.

How to make authentication handlers in ASP.NET Core 2.0, and walks through a naive implementation for HTTP Basic authentication.

How to call another Azure AD protected API from an API as the user calling it.

How to use Redis for storing session data in ASP.NET Core. Examples for using Azure Redis Cache with Azure Web Apps.

How to grant administrator consent for permissions in Azure AD, and some technical details on what exactly it is that Azure AD expected to find before showing this error.

How to add custom claims such as roles to a user after they sign in. OpenID Connect and JWT Bearer token authentication used as examples.

How you can define delegated and app permissions offered by your API, as well as how to assign roles within an app to users.

How authentication can be required globally, as well as how to apply a different authorization policy on different parts of the app automatically.