ASP.NET Core posts

Always check permissions in tokens in an Azure AD protected API

Posted on: 05-08-2019

Failing to check for permissions in Azure AD access tokens leads to your API being vulnerable

Best practices for N-tenant Azure AD applications

Posted on: 21-05-2019

Some things to watch out for in your multi-tenant Azure AD applications that support a limited number of tenants

Using Azure Key Vault and Azure Storage to store Data Protection keys with ASP.NET Core

Posted on: 07-04-2019

A look at how ASP.NET Core's Data Protection can be setup in a good way using Azure services

Implementing Azure AD Single Sign-Out in ASP.NET Core

Posted on: 23-11-2018

Single Sign-Out enables you to clear the user's session immediately when they sign out from another app

Azure AD Authentication in ASP.NET Core APIs part 2: Custom permissions, multi-tenant APIs

Posted on: 02-08-2018

In the second part we add custom delegated and application permissions to an ASP.NET Core API and also talk about multi-tenancy.

Azure AD Authentication in ASP.NET Core APIs part 1: Basic setup, checking scopes, creating a test client

Posted on: 12-06-2018

This first part looks at the basic setup for Azure AD authentication in an ASP.NET Core API as well as creating a test client app

Shared RESX file for data annotation localization in ASP.NET Core 2.0

Posted on: 20-03-2018

Shows a solution for sharing data annotation property name translations and error messages in a single RESX file.

ASP.NET Core + Azure Key Vault + Azure AD MSI = Awesome way to do config

Posted on: 06-03-2018

Looks at an example for storing sensitive configuration in Azure Key Vault, and connecting it to the ASP.NET Core configuration pipeline.

Exploring ActionResult<T> in ASP.NET Core 2.1

Posted on: 18-02-2018

Checking out the new ActionResult<T> class coming in ASP.NET Core 2.1.

Creating an authentication scheme in ASP.NET Core 2.0

Posted on: 02-02-2018

How to make authentication handlers in ASP.NET Core 2.0, and walks through a naive implementation for HTTP Basic authentication.

Hi! My name is Joonas Westlin, I'm a software developer who blogs about ASP.NET, Azure, and Web development.

Azure MVP, Azure Solutions Architect Expert, Azure Developer Associate, MCSE: Cloud Platform and Infrastructure, MCSD: App Builder.