Advanced

Securing ASP.NET Core with OAuth2 and OpenID Connect

Authorization code flow with PKCE, claims, refresh tokens, ASP.NET Core Identity, federation and MFA.

Demo application: ImageGallery (MVC client + API + Marvin.IDP with Duende IdentityServer)

Duende IdentityServer is the open-source library used to build the identity provider (IDP) Marvin.IDP. It implements OAuth2 and OpenID Connect.

Historical problem: traditional applications managed authentication themselves → password in each app, no SSO.

Sign in to read this course

A free account unlocks all 514 courses. 20 are readable without one.

What's inside

21 sections
  1. 1 Table of Contents
  2. 2 Overview and Architecture
  3. 3 Secure Architectures and History
  4. 4 OpenID Connect — Introduction and Flows
  5. 5 Authorization Code Flow + PKCE
  6. 6 Claims Transformation
  7. 7 OAuth2 — Client-Side Authorization
  8. 8 Securing the API
  9. 9 Authorization Policies — RBAC vs ABAC
  10. 10 Token Expiration, Refresh Tokens, Reference Tokens
  11. 11 BFF Pattern for JavaScript Clients
  12. 12 User Database — Local Configuration
  13. 13 ASP.NET Core Identity — Integration
  14. 14 Federation — Active Directory, Entra ID, Facebook
  15. 15 Federated Identity and User Provisioning
  16. 16 MFA with TOTP (Authenticator Apps)
  17. 17 Advanced ASP.NET Core Identity
  18. 18 Deploying to Production
  19. 19 Complete Config.cs — Production Configuration
  20. 20 Security Best Practices
  21. 21 Glossary

Interested in this course?

Contact us to book it or get a custom training plan for your team.