API posts
Hide actions from Swagger / OpenAPI documentation in ASP.NET Core
Posted on: 16-03-2020
Two approaches for hiding actions from auto-generated API documentation
Always check permissions in tokens in an Azure AD protected API
Posted on: 05-08-2019
Failing to check for permissions in Azure AD access tokens leads to your API being vulnerable
Azure AD Authentication in ASP.NET Core APIs part 2: Custom permissions, multi-tenant APIs
Posted on: 02-08-2018
In the second part we add custom delegated and application permissions to an ASP.NET Core API and also talk about multi-tenancy.
Azure AD Authentication in ASP.NET Core APIs part 1: Basic setup, checking scopes, creating a test client
Posted on: 12-06-2018
This first part looks at the basic setup for Azure AD authentication in an ASP.NET Core API as well as creating a test client app
Exploring ActionResult<T> in ASP.NET Core 2.1
Posted on: 18-02-2018
Checking out the new ActionResult<T> class coming in ASP.NET Core 2.1.
Using Azure AD On-Behalf-Of flow in an ASP.NET Core 2.0 API
Posted on: 06-01-2018
How to call another Azure AD protected API from an API as the user calling it.
Apply Authorization by default in ASP.NET Core
Posted on: 29-11-2017
How authentication can be required globally, as well as how to apply a different authorization policy on different parts of the app automatically.
Discovering controller actions and Razor Pages in ASP.NET MVC Core
Posted on: 03-11-2017
Using IActionDescriptorCollectionProvider to find what controller actions and Razor Pages are available in an ASP.NET MVC Core application.
Building a basic Web API on ASP.NET Core
Posted on: 18-10-2016
Part 1 of a series, in this one we look at how a basic Web API is built on ASP.NET Core.
