What is the OAuth ROPC flow, why it exists, and why you should not use it for most cases
Compares two approaches to high-level authorization in an application: groups and app roles
A look at how ASP.NET Core's Data Protection can be setup in a good way using Azure services
Single Sign-Out enables you to clear the user's session immediately when they sign out from another app
Sending and receiving Azure Service Bus Queue messages with zero credentials utilizing Azure Managed Identities
In the second part we add custom delegated and application permissions to an ASP.NET Core API and also talk about multi-tenancy.
This first part looks at the basic setup for Azure AD authentication in an ASP.NET Core API as well as creating a test client app
Getting rid of access keys and instead using Azure AD with Managed Service Identity to access Azure Storage
Looks at an example for storing sensitive configuration in Azure Key Vault, and connecting it to the ASP.NET Core configuration pipeline.
How to make authentication handlers in ASP.NET Core 2.0, and walks through a naive implementation for HTTP Basic authentication.