Despite the overload of online material on this subject, I still see many people struggling to secure their ASP.NET Core APIs with Azure AD. I see several causes for this:
- The difference between authentication and authorization is still unclear to many people
- Azure AD is not the most user-friendly identity and access management system
- ASP.NET Core is changing rapidly, and each version has its own security implementation
- Microsoft’s migration from Azure AD Graph (ADAL) towards Microsoft Graph (MSAL)
The aim of this blog series is to explain the most common security patterns and needs.
- Part 1: Authentication vs authorization
- Part 2: The different actors
- Part 3: Authentication with Azure AD
- Part 4: Authorization with Access Control List
- Part 5: Authorization with Application Roles
- Part 6: Authorization with Delegated Permissions
- Part 7: Retrieve more user information
- Part 8: Access APIs on behalf of a user (coming soon)
- Part 9: Automate the Azure AD configuration (coming soon)
I hope you like it! Sharing is caring!