In the second part we add custom delegated and application permissions to an ASP.NET Core API and also talk about multi-tenancy.
This first part looks at the basic setup for Azure AD authentication in an ASP.NET Core API as well as creating a test client app
Shows a solution for sharing data annotation property name translations and error messages in a single RESX file.
Looks at an example for storing sensitive configuration in Azure Key Vault, and connecting it to the ASP.NET Core configuration pipeline.
Checking out the new ActionResult<T> class coming in ASP.NET Core 2.1.
How to make authentication handlers in ASP.NET Core 2.0, and walks through a naive implementation for HTTP Basic authentication.
How to call another Azure AD protected API from an API as the user calling it.
How to use Redis for storing session data in ASP.NET Core. Examples for using Azure Redis Cache with Azure Web Apps.
How to add custom claims such as roles to a user after they sign in. OpenID Connect and JWT Bearer token authentication used as examples.
How authentication can be required globally, as well as how to apply a different authorization policy on different parts of the app automatically.