In the first part in this series, we will look at how to setup Swagger UI so it can be used to test an Azure AD-protected API.
Failing to check for permissions in Azure AD access tokens leads to your API being vulnerable
Some things to watch out for in your multi-tenant Azure AD applications that support a limited number of tenants
A look at how ASP.NET Core's Data Protection can be setup in a good way using Azure services
Single Sign-Out enables you to clear the user's session immediately when they sign out from another app
In the second part we add custom delegated and application permissions to an ASP.NET Core API and also talk about multi-tenancy.
This first part looks at the basic setup for Azure AD authentication in an ASP.NET Core API as well as creating a test client app
Shows a solution for sharing data annotation property name translations and error messages in a single RESX file.
Looks at an example for storing sensitive configuration in Azure Key Vault, and connecting it to the ASP.NET Core configuration pipeline.
Checking out the new ActionResult<T> class coming in ASP.NET Core 2.1.