Demystifying OpenID Connect’s State and Nonce Parameters in ASP.NET Core
In the world of web application security, OpenID Connect plays a key role in streamlining authentication processes. But what makes it really tick? In this
.NET
Exploring what is inside the ASP.NET Core cookies
ASP.NET Core issues several cookies, including authentication, antiforgery, and session cookies. This blog post will explore what these cookies contain and how they are protected.
Debugging cookie problems in ASP.NET Core
Troubleshooting cookie problems in ASP.NET Core I have answered over 1000 questions on Stack Overflow, and cookies are a common source of trouble for developers,
BearerToken: The new Authentication handler in .NET 8
In ASP.NET Core 8, Microsoft added a new authentication handler named BearerToken. In this blog post, I will explain how it works and its purpose.
Debugging JwtBearer Claim Problems in ASP.NET Core
A common problem when protecting your ASP.NET Core APIs is that expected claims are not found in the user object. In this blog post, I
Debugging OpenID Connect Claim Problems in ASP.NET Core
A common issue with OpenID Connect authentication in ASP.NET Core is that expected claims are missing from the ClaimsPrincipal user object. In this blog post,
Troubleshooting JwtBearer authentication problems in ASP.NET Core
A common question that I help developers with on Stack Overflow is how to troubleshoot authentication problems when using the JwtBearer handler. Here I provide
IdentityServer – IdentityResource vs. ApiResource vs. ApiScope
A common question on Stack Overflow is about the different resource types in Dunde IdentityServer. My answer to this question on Stack Overflow is one
ASP.NET Core JwtBearer library: what’s new?
As a developer and trainer, it is hard to keep up with all the changes in all the libraries, and in this blog post I
.NET 5 Source Generators – MediatR – CQRS – OMG!
Over at Edument I blogged about how you can use the new source generator feature in .NET 5 to automatically generate an API for a
About me
My name is Tore Nestenius and I’m a trainer and senior software developer focusing on Architecture, Security and Identity, .NET, C#, Backend, and Cloud, among other things.