Demystifying OpenID Connect’s State and Nonce Parameters in ASP.NET Core
In the world of web application security, OpenID Connect plays a key role in streamlining authentication processes. But what makes it really tick? In this
In the world of web application security, OpenID Connect plays a key role in streamlining authentication processes. But what makes it really tick? In this
ASP.NET Core issues several cookies, including authentication, antiforgery, and session cookies. This blog post will explore what these cookies contain and how they are protected.
Troubleshooting cookie problems in ASP.NET Core I have answered over 1000 questions on Stack Overflow, and cookies are a common source of trouble for developers,
In ASP.NET Core 8, Microsoft added a new authentication handler named BearerToken. In this blog post, I will explain how it works and its purpose.
A common problem when protecting your ASP.NET Core APIs is that expected claims are not found in the user object. In this blog post, I
A common issue with OpenID Connect authentication in ASP.NET Core is that expected claims are missing from the ClaimsPrincipal user object. In this blog post,
A common question that I help developers with on Stack Overflow is how to troubleshoot authentication problems when using the JwtBearer handler. Here I provide
A common question on Stack Overflow is about the different resource types in Dunde IdentityServer. My answer to this question on Stack Overflow is one
As a developer and trainer, it is hard to keep up with all the changes in all the libraries, and in this blog post I
Over at Edument I blogged about how you can use the new source generator feature in .NET 5 to automatically generate an API for a
My name is Tore Nestenius and I’m a trainer and senior software developer focusing on Architecture, Security and Identity, .NET, C#, Backend, and Cloud, among other things.