Azure AD B2C Webinar Series: Identity Protocols OIDC and OAuth2 part 2

•Download as PPTX, PDF•

0 likes•4,922 views

This document summarizes a webinar about integrating Azure Active Directory B2C (AAD B2C) with applications using the Microsoft Authentication Libraries (MSAL). It discusses how MSAL can be used to acquire tokens to call protected APIs and validate tokens in web APIs and applications. It provides an overview of using MSAL in .NET Core web apps to sign users in with AAD B2C, redeem authorization codes to acquire tokens, and implement token caching for silent authentication. The document demonstrates how to build a .NET Core web app that signs users in with AAD B2C using MSAL.

Technology

B2C & App Integration with the
Microsoft Authentication Libraries (MSAL)
Azure AD B2C
Webinar series

Why MSAL?
 Supports OAuth and OIDC
 Acquires all types of tokens.
 Implements a Token Cache
 Developer Friendly API
 Battle hardened
 Get help when you need it!

Authentication Libraries
Microsoft Authentication Libraries (MSAL)
Used to acquire tokens to call protected APIs
Middleware libraries
Used by node.js, ASP.NET, ASP.NET Core to validate
access tokens in web APIs and ID tokens in Web apps.
Scenarios and supported platforms and language

Create an ASP .NET Core Web App
Sign-in Users

If you start from ASP .NET Core templates
If, now, you want to call web APIs reliably:
OnAuthorizationCodeReceived
deem the auth code
build an MSAL.NET confidential client application
mplement token cache serialize
AcquireTokenSilent

$Build a confidential client with MSAL .NET string authority = $"{_applicationOptions.Instance}tfp/“ +"{_microsoftIdentityOptions.Domain}/"+ "{_microsoftIdentityOptions.DefaultUserFlow}"; _application = ConfidentialClientApplicationBuilder .CreateWithApplicationOptions(_applicationOptions) .WithRedirectUri(currentUri) .WithB2CAuthority(authority) .WithHttpClientFactory(_httpClientFactory) .Build();$

Implement token cache serialization
• Complex (security and performance implications)
• Serialization depends
on your needs
- in memory,
- database,
- Redis etc …

In the Controller, acquire a token with MSAL .NET

Building blocks and integration points
ASP.NET Core Web App or Web API
ASP.NET Core framework
ASP.NET Core OIDC middleware ASP.NET Core - JwtBearer middleware
Core Components
Microsoft.IdentityModel (Wilson) WsTrust…
.NET Core

Azure AD B2C Webinar Series: Identity Protocols OIDC and OAuth2 part 2

What's hot

Running Regulated Workloads on Azure PaaS services (DogFoodCon 2018)

Jeremy Gray

Office 365 api vs share point app model

BIWUG

A presentation at a technology meetup. Roy Kim will walk through various access scenarios and capabilities using Azure AD services and features to access SharePoint 2013/2016 server. This will include a comparison between AD Connect + Azure Application Proxy to publish an internal SharePoint application and 3rd Party Auth0 to assist in federating Azure AD and SSO integration. And also the recently supported Azure AD SAML 1.1 Token. Roy will go through a demo, its architecture, and commentary of pros and cons. At the end you will have a good understanding of the technology capabilities to determine supporting access and user management scenarios.

Azure AD App Proxy Login Scenarios with an On Premises Applications - TSPUG

Roy Kim

SPS Belgium 2015 - High-trust Apps for On-Premises Development

Edin Kapic

Azure Kubernetes Service (AKS) is a managed container orchestration service. With Kubernetes continuing to grow in popularity, many developers and IT engineers are curious to get started. Roy will demonstrate hosted microservices applications and the Istio service mesh. Along with how to manage your cluster with the Kubernetes Dashboard, Prometheus, Grafana and Azure Monitor. You will see a practical overview how all these pieces fit together. www.roykim.ca Twitter: @RoyKimYYZ Github: https://github.com/RoyKimYYZ

Microsoft Reactor Toronto 5/5/2020 | Azure Kubernetes In Action - Running and...

Roy Kim

Microsoft Azure Identity and O365

Kris Wagner

High-Trust Add-Ins SharePoint for On-Premises Development

Edin Kapic

Easy Auth Overview - Tokyo Azure Meetup - Feb 2018

Chris Gillum

Windows Server 2008 will be launched in Q1 2008. Come and learn what’s new in this release for developers. Agenda: Whether you are building Web applications or writing core server-based system services, Windows Server 2008 provides many new features that you can leverage to build more secure, flexible, and innovative applications. In this 2-session event we will go through the “Top 7 Ways to Light Up Your Apps on Windows Server 2008”. Demos will include IIS7, PowerShell, Transactional File System (TxF), restart/recovery APIs plus more. For more details and the original slidedeck visit http://www.microsoft.com/uk/msdn/events/new/Detail.aspx?id=136

Windows Server 2008 for Developers - Part 1

ukdpe

OAuth in SharePoint 2013

Dinusha Kumarasiri

This is a presentation I held at a local Azure user group. The session abstract: Azure Key Vault is a tool for securely storing and accessing secrets. We will go through a popular Azure PaaS Architecture pattern using Key Vault to store a password. I will demo and walk through the general configuration of a dedicated Azure Function app, Azure SQL and Key Vault that was deployed with automation. I will then go through fairly advanced techniques and best practices on how to deploy Azure Key Vault and a password secret with ARM templates. Finally, a very brief look at my Azure DevOps Pipeline to deploy the ARM template. You will come away with an understanding of an applied use case of leveraging Azure Key vault for a PaaS solution in better managing a password secret.

Azure Key Vault with a PaaS Architecture and ARM Template Deployment

Roy Kim

EWUG - Azure AD Pass-through Authentication and Seamless Single Sign-On

Peter Selch Dahl

Sync on Android

chalup

Windows Azure Active Directory

Krunal Trivedi

Azure AD Presentation - @ BITPro - Ajay

Anoop Nair

Building an application that can be provisioned and used in multiple Azure AD tenants goes far beyond just flipping a switch in your app configuration. The developer has to undertake application provisioning, decide on a provisioning strategy, push changes to customers, manage identities flowing from multiple tenants, collect essential information from authentication signals, learn to differentiate the different types of users they will encounter and understand the key differences from the B2B scenarios. In this community call, Kalyan Krishnan reviews the steps and considerations required to develop, configure, provision, and manage multi-tenant applications. For more information, visit https://aka.ms/identityplatform

Community call: Develop multi tenant apps with the Microsoft identity platform

Microsoft 365 Developer

Iam

Microsoft Norge AS

In May's Microsoft identity platform call, Navya Canumalla went into detail on MSAL Java and Python, including an overview, supported scenarios and calling patterns. Quickstart demo, token cache and ADAL to MSAL migration. View recording https://youtu.be/yCCjNqFva9w Resources: MSAL Java https://aka.ms/msaljavadocs MSAL Python https://aka.ms/msalpythondocs Stay connected Twitter https://twitter.com/microsoft365dev YouTube https://aka.ms/M365DevYouTube Blogs https://aka.ms/M365DevBlog

Microsoft identity platform community call-May 2020

Microsoft 365 Developer

What's New for Data?

ukdpe

Certifications for Azure Developers

Krunal Trivedi

What's hot (20)

Running Regulated Workloads on Azure PaaS services (DogFoodCon 2018)

Office 365 api vs share point app model

Azure AD App Proxy Login Scenarios with an On Premises Applications - TSPUG

SPS Belgium 2015 - High-trust Apps for On-Premises Development

Microsoft Reactor Toronto 5/5/2020 | Azure Kubernetes In Action - Running and...

Microsoft Azure Identity and O365

High-Trust Add-Ins SharePoint for On-Premises Development

Easy Auth Overview - Tokyo Azure Meetup - Feb 2018

Windows Server 2008 for Developers - Part 1

OAuth in SharePoint 2013

Azure Key Vault with a PaaS Architecture and ARM Template Deployment

EWUG - Azure AD Pass-through Authentication and Seamless Single Sign-On

Sync on Android

Windows Azure Active Directory

Azure AD Presentation - @ BITPro - Ajay

Community call: Develop multi tenant apps with the Microsoft identity platform

Iam

Microsoft identity platform community call-May 2020

What's New for Data?

Certifications for Azure Developers

Similar to Azure AD B2C Webinar Series: Identity Protocols OIDC and OAuth2 part 2

If you ever had to deal with identity within your solutions then this is the session for you. Join JP and Christos to find out how to implement authentication and authorization for your mobile apps and back-end services using the Microsoft Identity platform. We will show you how to use our libraries to quickly connect to our platform and authenticate your users in a few, basic steps. Get ready for demos and examples the highlight how the Microsoft Identity Platform allows you to create scalable and secure applications.

"Secure Mobile Apps with the Microsoft Identity Platform", Christos Matskas, ...

Fwdays

Microsoft identity manoj mittal

Manoj Mittal

CTU June 2011 - Windows Azure App Fabric

Spiffy

Introduction to the Microsoft identity platform for developers

Christos Matskas

Simplify user application authentication using Microsoft Identity Platform

Manoj Mittal

Azure Active Directory - An Introduction for Developers

John Garland

Securing Serverless Workloads with Cognito and API Gateway Part I - AWS Secur...

Amazon Web Services

OAuth with AngularJS and WebAPI - SoCal Code Camp 2015

Stuart

Deep Dive on Amazon Cognito - DevDay Austin 2017

Amazon Web Services

Spsbe15 high-trust apps for on-premises development

BIWUG

Injecting custom code into authentication and authorization in ASP.NET has always been tedious at best. AspNet.Identity is a new library shipping with MVC 5, built to replace both ASP.NET Membership and Simple Membership. AspNet.Identity makes it much easier to implement custom authentication and authorization without the need to rewrite core components. In this session I will go deep into the abstractions that AspNet.Identity builds atop of, and show how to take advantage of these hook points to implement a custom membership system.

Identity in ASP.NET Core

ondrejbalas

Amazon API Gateway is a fully managed service that makes it easy for developers to create, deploy, secure, and monitor APIs at any scale. In this presentation, you’ll find out how to quickly declare an API interface and connect it with code running on AWS Lambda. Amazon API Gateway handles all of the tasks involved in accepting and processing up to hundreds of thousands of concurrent API calls, including traffic management, authorization and access control, monitoring, and API version management. We will demonstrate how to build an API that uses AWS Identity and Access Management (IAM) for authorization and Amazon Cognito to retrieve temporary credentials for your API calls. We will write the AWS Lambda function code in Java and build an iOS sample application in Objective C.

(DEV203) Amazon API Gateway & AWS Lambda to Build Secure APIs

Amazon Web Services

พบกับเซสชั่น "Microsoft Graph for Microsoft 365 and Power Platform" ในงาน Microsoft 365 Developer Bootcamp - แนะนำ Microsoft Graph - เรียนรู้การเรียกใช้งาน REST API เพื่อเข้าถึงข้อมูลบนบริการต่าง ๆ ของ Microsoft 365 โดยคุณแชมป์ Narisorn Limpaswadpaisarn (Microsoft Certified Trainer)

Microsoft graph and power platform champ

Kumton Suttiraksiri

Amazon Cognito now makes it easy to sign up and sign in users to your mobile and web apps. Previously, with Amazon Cognito you can use social identity providers like Facebook, Google, Twitter, and Amazon for user sign-in and federate these identities to allow secure access to AWS resources. Now with User Identity Pools in Amazon Cognito, you get a secure, low-cost, and fully managed user directory that can scale to 100s of millions of users. Join us for an overview of Amazon Cognito and how to get started with User Identity Pools.

Announcements for Mobile Developers

Amazon Web Services

Learn how to build a powerful Android app that leverages a variety of AWS services. In this three-hour, demo-heavy workshop, we show how you can build a modern native client app using the AWS Mobile SDK that uses a number of cross-platform mobile cloud services directly with minimal code on the client. We share best practices for building a highly scalable backend so you can add your own functionality. This is a step-by-step journey where you configure and add components to your architecture, then modify and test your components inside a mobile location-based messaging application. In the end, you will have a mobile application with your own backend consisting of different AWS services including: Amazon Cognito, Amazon Mobile Analytics, Amazon SNS Push Notification, Amazon S3, Amazon CloudFront, Amazon CloudSearch, Amazon DynamoDB, Amazon SQS, and AWS Elastic Beanstalk.

(MBL311) Workshop: Build an Android App Using AWS Mobile Services | AWS re:In...

Amazon Web Services

CIS14: Enterprise Identity APIs

CloudIDSummit

Developing Apps with Azure AD

SharePointRadi

https://www.hackmiami.com/hmc5-speakers-day-2 OAuth is one of the most popular authorization frameworks in use today. All major platforms such as Google, Facebook, Box etc support it and you are probably thinking of implementi ng OAuth for your product/platform.We are not debating the popularity of the protocol or the limitations that come with it. We are here to help you implement it securely. When you use OAuth, there are three pieces - The Platform , the Application (using the platform) and the User (of the application). We will go over the common flaws we have seen in applications built on a OAuth platform which can lead to complete account takeover, how they can be a security engineer's nightmare, and how to fix them. We will go over security controls that the platform can put in place to help mitigate security vulnerabilities. We will also cover how bad design decisions, if chained with otherwise lower risk vulnerabilities can result in gaping holes in your OAuth implementation. You will leave this session with a deep understanding of how OAuth implementation should be secured both for a platform and in an application and things to test for during a security evaluation of OAuth implementations.

Oauth Nightmares Abstract OAuth Nightmares

Nino Ho

Building Solution Templates and Managed Applications for the Azure Marketplace

Microsoft Tech Community

With a complete new Identity/Access Management Suite on the Oracle market, one might forget the good old SSO server, bundled with each and every IAS server. Although it has some out-of-the-box capabilities like WNA and X509 certificate support, it can be quite hard to set up an authentication scheme just the way you (or your customers) like it. Using a case study, this presentation discusses how you can extend Oracle’s Single Sign On (SSO) server to your needs. It will discuss : - Integration & authentication with smartcard passports (eID) - Authentication with digital certificates - Implementing fallback authentication schemes - Integration with SSL terminators and reverse proxies - DIY federated authentication - writing your own SSO plugin The solutions presented are part of AXI NV/BV's portfolio.

Extending Oracle SSO

kurtvm

Similar to Azure AD B2C Webinar Series: Identity Protocols OIDC and OAuth2 part 2 (20)

"Secure Mobile Apps with the Microsoft Identity Platform", Christos Matskas, ...

Microsoft identity manoj mittal

CTU June 2011 - Windows Azure App Fabric

Introduction to the Microsoft identity platform for developers

Simplify user application authentication using Microsoft Identity Platform

Azure Active Directory - An Introduction for Developers

Securing Serverless Workloads with Cognito and API Gateway Part I - AWS Secur...

OAuth with AngularJS and WebAPI - SoCal Code Camp 2015

Deep Dive on Amazon Cognito - DevDay Austin 2017

Spsbe15 high-trust apps for on-premises development

Identity in ASP.NET Core

(DEV203) Amazon API Gateway & AWS Lambda to Build Secure APIs

Microsoft graph and power platform champ

Announcements for Mobile Developers

(MBL311) Workshop: Build an Android App Using AWS Mobile Services | AWS re:In...

CIS14: Enterprise Identity APIs

Developing Apps with Azure AD

Oauth Nightmares Abstract OAuth Nightmares

Building Solution Templates and Managed Applications for the Azure Marketplace

Extending Oracle SSO

Recently uploaded

Explore the core of Salesforce success in 'Salesforce Adoption – Metrics, Methods, and Motivation.' We will discuss essential metrics, effective methods to drive adoption, and the driving force behind user engagement and explore strategies for onboarding, training, and continuous support that empower users to navigate the platform seamlessly. By leveraging these tools, you can effectively measure adoption against your company’s goals and create an environment where users not only adopt Salesforce but actively contribute to its ongoing success.

Salesforce Adoption – Metrics, Methods, and Motivation, Antone Kom

CzechDreamin

The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.

Search and Society: Reimagining Information Access for Radical Futures

Bhaskar Mitra

Screen flow is a powerful automation tool that is commonly designed for internal and external users. However, what about the guest users? We will dive into various methods of launching screen flows and understand how to make them publicly accessible, extending their usability to a broader audience. The presentation will also cover the implementation of security layers and highlight best practices for a smooth and protected user experience. Discover the potential of screen flows beyond conventional use and learn how to leverage them effectively.

Free and Effective: Making Flows Publicly Accessible, Yumi Ibrahimzade

CzechDreamin

Intrigued by why some of the world's largest companies (Netflix, Google, Cisco, Twitter, Uber etc) are using gRPC? In this demo based talk we delve into the world of gRPC in .Net, what it does and why we should use it. We compare the interface with both Rest and graphQL. We will show you how to implement grpc server-side in .net and in the web. Finally, I will show you how the tooling helps you deliver powerful interfaces and interact with them quickly and simply.

Demystifying gRPC in .Net by John Staveley

John Staveley

Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application. In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics. Length: 30 minutes Session Overview ------------------------------------------- During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana: - What out-of-the-box solutions are available for real-time monitoring JMeter tests? - What are the benefits of integrating InfluxDB and Grafana into the load testing stack? - Which features are provided by Grafana? - Demonstration of InfluxDB and Grafana using a practice web application To view the webinar recording, go to: https://www.rttsweb.com/jmeter-integration-webinar

JMeter webinar - integration with InfluxDB and Grafana

RTTS

As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other? Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.

Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024

Tobias Schneck

ScyllaDB has the potential to deliver impressive performance and scalability. The better you understand how it works, the more you can squeeze out of it. But before you squeeze, make sure you know what to monitor! Watch our experienced Postgres developer work through monitoring and performance strategies that help him understand what mistakes he’s made moving to NoSQL. And learn with him as our database performance expert offers friendly guidance on how to use monitoring and performance tuning to get his sample Rust application on the right track. This webinar focuses on using monitoring and performance tuning to discover and correct mistakes that commonly occur when developers move from SQL to NoSQL. For example: - Common issues getting up and running with the monitoring stack - Using the CQL optimizations dashboard - Common issues causing high latency in a node - Common issues causing replica imbalance - What a healthy system looks like in terms of memory - Key metrics to keep an eye on This isn’t “Death-by-Powerpoint.” We’ll walk through problems encountered while migrating a real application from Postgres to ScyllaDB – and try to fix them live as well.

Optimizing NoSQL Performance Through Observability

ScyllaDB

De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...

Product School

IoT Analytics Company Presentation May 2024

IoTAnalytics

Generative AI architecture, at its core, revolves around the concept of machines being able to generate content autonomously, mimicking human-like creativity and decision-making processes. Unlike traditional AI systems that rely on predefined rules and data inputs, generative AI leverages deep learning techniques to produce new, original outputs based on patterns and examples it has learned from vast datasets. This capability opens up a multitude of possibilities across various domains within an enterprise.

The architecture of Generative AI for enterprises.pdf

alexjohnson7307

In this session, we will showcase how to revolutionize automated testing for your software, automation, and QA teams with UiPath Test Suite. In part 1 of UiPath test automation using UiPath Test Suite – developer series, we will cover, Software testing overview What is software testing Why software testing is required Typical test types and levels Continuous testing and challenges Introduction to UiPath Test Suite UiPath Test Suite family of products Speaker: Atul Trikha, Chief Technologist & Solutions Architect, Peraton and UiPath MVP Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP

UiPath Test Automation using UiPath Test Suite series, part 1

DianaGray10

From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...

Product School

Mission to Decommission: Importance of Decommissioning Products to Increase E...

Product School

Discover the essentials of performance testing in the IT sector with our concise guide. Learn about various testing types such as load, stress, endurance, spike, scalability, and volume testing. Understand key performance metrics like response time, throughput, CPU and memory utilization, and error rate. Explore top tools like Apache JMeter, LoadRunner, Gatling, Neoload, and BlazeMeter. Gain insights into best practices for defining objectives, creating realistic scenarios, automating tests, and optimizing performance to ensure user satisfaction, reliability, scalability, and cost efficiency. Ideal for developers, QA engineers, and IT professionals. Visit Expeed Software for more information. https://expeed.com/

In-Depth Performance Testing Guide for IT Professionals

Expeed Software

ODC, Data Fabric and Architecture User Group

CatarinaPereira64715

How world-class product teams are winning in the AI era by CEO and Founder, P...

Product School

Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...

Thierry Lestable

I have heard many times that architecture is not important for the front-end. Also, many times I have seen how developers implement features on the front-end just following the standard rules for a framework and think that this is enough to successfully launch the project, and then the project fails. How to prevent this and what approach to choose? I have launched dozens of complex projects and during the talk we will analyze which approaches have worked for me and which have not.

"Impact of front-end architecture on development cost", Viktor Turskyi

Fwdays

Key Trends Shaping the Future of Infrastructure.pdf

Cheryl Hung

Unlock the mysteries of successful Salesforce interviews in this insightful session hosted by Hugo Rosario (Salesforce Customer), a seasoned hiring manager that leads the Salesforce Department of multinational company with over 100 interviews under their belt. Step into the manager's chair and gain exclusive behind-the-scenes insights into what makes a Salesforce consultant stand out during the interview process. From deciphering the unspoken cues to mastering key strategies, we'll explore the intricacies of the interview process and provide practical tips for consultants looking to not only pass interviews but also thrive in their roles. Whether you're a seasoned professional or just starting your Salesforce journey, this session is your backstage pass to the secrets that hiring managers wish you knew.

Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...

CzechDreamin

Recently uploaded (20)

Salesforce Adoption – Metrics, Methods, and Motivation, Antone Kom

Search and Society: Reimagining Information Access for Radical Futures

Free and Effective: Making Flows Publicly Accessible, Yumi Ibrahimzade

Demystifying gRPC in .Net by John Staveley

JMeter webinar - integration with InfluxDB and Grafana

Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024

Optimizing NoSQL Performance Through Observability

De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...

IoT Analytics Company Presentation May 2024

The architecture of Generative AI for enterprises.pdf

UiPath Test Automation using UiPath Test Suite series, part 1

From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...

Mission to Decommission: Importance of Decommissioning Products to Increase E...

In-Depth Performance Testing Guide for IT Professionals

ODC, Data Fabric and Architecture User Group

How world-class product teams are winning in the AI era by CEO and Founder, P...

Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...

"Impact of front-end architecture on development cost", Viktor Turskyi

Key Trends Shaping the Future of Infrastructure.pdf

Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...

Azure AD B2C Webinar Series: Identity Protocols OIDC and OAuth2 part 2

1. Azure AD B2C Webinar Series

2. B2C & App Integration with the Microsoft Authentication Libraries (MSAL) Azure AD B2C Webinar series

7. Why MSAL?  Supports OAuth and OIDC  Acquires all types of tokens.  Implements a Token Cache  Developer Friendly API  Battle hardened  Get help when you need it!

8. Authentication Libraries Microsoft Authentication Libraries (MSAL) Used to acquire tokens to call protected APIs Middleware libraries Used by node.js, ASP.NET, ASP.NET Core to validate access tokens in web APIs and ID tokens in Web apps. Scenarios and supported platforms and language

10. AAD B2C

11. Issue a token Read user profile Create an account Sign-Up or Sign- In

12. Policy name Token issuing Redirect back to application Validate and read token Read user profile

13. ACTIVITY

14. ACTIVITY

15. Create an ASP .NET Core Web App Sign-in Users

16.

17. If you start from ASP .NET Core templates If, now, you want to call web APIs reliably: OnAuthorizationCodeReceived deem the auth code build an MSAL.NET confidential client application mplement token cache serialize AcquireTokenSilent

18. Override the OpenIdConnect Events

19. Build a confidential client with MSAL .NET string authority = $"{_applicationOptions.Instance}tfp/“ +"{_microsoftIdentityOptions.Domain}/"+ "{_microsoftIdentityOptions.DefaultUserFlow}"; _application = ConfidentialClientApplicationBuilder .CreateWithApplicationOptions(_applicationOptions) .WithRedirectUri(currentUri) .WithB2CAuthority(authority) .WithHttpClientFactory(_httpClientFactory) .Build();

20. Redeem the auth code with MSAL .NET

21. Implement token cache serialization • Complex (security and performance implications) • Serialization depends on your needs - in memory, - database, - Redis etc …

22. In the Controller, acquire a token with MSAL .NET

23. Building blocks and integration points ASP.NET Core Web App or Web API ASP.NET Core framework ASP.NET Core OIDC middleware ASP.NET Core - JwtBearer middleware Core Components Microsoft.IdentityModel (Wilson) WsTrust… .NET Core

24. ACTIVITY

Azure AD B2C Webinar Series: Identity Protocols OIDC and OAuth2 part 2

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to Azure AD B2C Webinar Series: Identity Protocols OIDC and OAuth2 part 2

Similar to Azure AD B2C Webinar Series: Identity Protocols OIDC and OAuth2 part 2 (20)

Recently uploaded

Recently uploaded (20)

Azure AD B2C Webinar Series: Identity Protocols OIDC and OAuth2 part 2