Following on from my previous post on identity with .NET and containers, I wanted to expand on this to look at authentication loops from Entra ID. The symptoms of this issue are pretty simple, when you hit your .NET container based application, secured with Entra ID, you are sent in a loop to the authentication … Continue reading .NET Authentication Loop with Container Based Apps
In this post, we will take a look at the configuration of .NET applications using the Identity libraries for Azure Entra ID, which are containerised and sit behind load balancers. Before we get into the detail, first I want to share some background. When you don't have your app registration in Entra ID properly configured … Continue reading .NET Identity and Containers Behind Load Balancers
In this post, I am sharing some of the tips and tricks I've learned from building .NET microservices over the years. A big thank you to the team at the Festive Tech Calendar, as this is my contribution this year. All throughout December, make sure you check out some of the fantastic sessions offered up … Continue reading Notes From the Field: Building .NET Microservices
Both REST and GraphQL are approaches to building APIs that allow systems to communicate with each other. However, both have different mechanisms and philosophies, let's dig into the differences. Introduction to GraphQL First of all, what is a GraphQL API, why would we want to use it and what does a GraphQL API look like. … Continue reading Looking at REST vs GraphQL APIs in .NET
Sometimes, for example dynamic navigation, we may need to expose data about the current URL, this post looks at using ViewContext to expose this data. The scenario is as follows, you know a user is part of a policy that allows administration access, but your layout caters for both regular users and an administration dashboard. … Continue reading Exposing Route Data for Dynamic Navigation in .NET MVC
If you are using cookie based authentication in your .NET application and setting claims, updating those claims can be a real pain. This post has some simple code to make this happen. First of all, let's set the scenario. If we are not changing security based settings, and for example just updating someone's name, or … Continue reading Updating Existing Claims in .NET with Cookie Authentication
In this post, we take a look at how to make sure you .NET Core Web API containers work well in auto-scalaing scenarios on Azure Kubernetes Service. When you first access a newly released .NET Core Web API, even locally, does not have to be in a container, you will notice the first request is … Continue reading Auto-Scaling .NET Core Web API Containers
The following posts are part of this series: Part 1: Creating your App Registration Part 2: Configuring your code Part 3: Securing your API endpoints In the previous post, we looked at the setup of your code to start accepting bearer tokens for authentication. Now we are looking at the validation of these tokens and … Continue reading Protecting Web APIs Using Microsoft Identity Platform: Part 3
The following posts are part of this series: Part 1: Creating your App Registration Part 2: Configuring your code Part 3: Securing your API endpoints Defining protected First of all, let's look at what we mean by protected. Much like in ASP.NET, in ASP.NET Core, you can use the [Authorize] attribute to define that your … Continue reading Protecting Web APIs Using Microsoft Identity Platform: Part 2
The following posts are part of this series: Part 1: Creating your App Registration Part 2: Configuring your code Part 3: Securing your API endpoints Let's begin I'm not going to cover the steps involved in creating an app registration. This is covered, in detail, in the Microsoft documentation. In this article though, I want … Continue reading Protecting Web APIs Using Microsoft Identity Platform: Part 1
Martyn Coupland 