Blog Posts for:

Manually supplying certificate when validating RS256 signed JWT with OWIN
05 March 2018

Shows how you can validate RS256 signed tokens in the OWIN JWT middleware using an offline certificate.

Implementing an OpenIddict Authorization server: Social Login with GitHub
01 March 2018

Expanding the OpenIddict authorization server to allow users to sign in with their GitHub accoouts.

Implementing an OpenIddict Authorization server: A Basic Authorization Server
26 February 2018

A basic introduction to creating an OpenIddict authorization server for OpenID Connect clients.

Creating a Github Webhook with ASP.NET Core and AWS Lambda
23 January 2018

AWS Lambda is an ideal use case for developing GitHub Webhooks. Here's looking at how you can implement one using ASP.NET Core.

Authenticate with OAuth 2.0 in ASP.NET Core 2.0
04 January 2018

An introduction to the generic OAuth 2.0 authentication handler in ASP.NET Core 2.0 which allow you to authenticate users using any OAuth 2.0 provider.

Using MariaDB with ASP.NET Core 2.0
12 December 2017

MariaDB is an open source database compatible with MySQL. Here's looking at how you can use this in your ASP.NET Core application.

Creating Authorization Policies dynamically with ASP.NET Core
20 November 2017

A great tip I picked up from an NDC Oslo presentation which shows how you can dynamically create authorization policies for the ASP.NET Core authorization middleware.

Accessing the OIDC tokens in ASP.NET Core 2.0
01 August 2017

The ASP.NET Core OIDC middleware allow you to save the ID Token and Access Token, so you can access these in your application.

Overriding the NameClaimType when using the ASP.NET Core OpenID Connect middleware
30 May 2017

Overriding the NameClaimType when in the ASP.NET Core OpenID Connect middleware allow you to specify a different claim from the ID Token to use as the name of the subject.

Access the JWT bearer token when using the JWT middleware in ASP.NET Core
26 May 2017

When using the ASP.NET Core JWT authentication handler, there are instances in which you may want to access the actual bearer token which was passed to the request.

Older Posts