Blogging about my adventures, straight from the Azure trenches. Sharing is caring!

API SECURITY FOR DUMMIES | Retrieve more user information

API SECURITY FOR DUMMIES | Retrieve more user information

API Security with ASP.NET Core 5.0 and Azure AD for Dummies This blog is part of a complete blog series. Part 1: Authentication vs authorization Part 2: The different actors Part 3: Authentication with Azure AD Part 4: Authorization with Access Control List Part 5:...

Subscribe to the blog

Latest Posts

API SECURITY FOR DUMMIES | Authentication with Azure AD

API SECURITY FOR DUMMIES | Authentication with Azure AD

API Security with ASP.NET Core 5.0 and Azure AD for Dummies This blog is part of a complete blog series. Part 1: Authentication vs authorization Part 2: The different actors Part 3: Authentication with Azure AD (this blog) Part 4: Authorization with Access Control...

API SECURITY FOR DUMMIES | The different actors

API SECURITY FOR DUMMIES | The different actors

API Security with ASP.NET Core 5.0 and Azure AD for Dummies This blog is part of a complete blog series. Part 1: Authentication vs authorization Part 2: The different actors (this blog) Part 3: Authentication with Azure AD Part 4: Authorization with Access Control...

API SECURITY FOR DUMMIES | Authentication vs authorization

API SECURITY FOR DUMMIES | Authentication vs authorization

API Security with ASP.NET Core 5.0 and Azure AD for Dummies This blog is part of a complete blog series. Part 1: Authentication vs authorization (this blog) Part 2: The different actors Part 3: Authentication with Azure AD Part 4: Authorization with Access Control...

Securely distributing client secrets within the organization

Securely distributing client secrets within the organization

The weakest link in security is the human element.  This statement gets regularly confirmed, when we are setting up OAuth2 or Open ID Connect at a customer.  This blog explains the security issue and how you can overcome it with some very little effort. The problem In...

Enforce basic authentication in Azure API Management

Enforce basic authentication in Azure API Management

When connecting with legacy systems, Basic Authentication is often the only supported security scheme that is available.  Azure API Management has an out-of-the-box policy that implements Basic Authentication between API Management and the backend API (backdoor). ...