Identity & Access Control for modern Applications and APIs using ASP.NET Core 7
Modern application design has changed quite a bit in recent years. "Mobile-first" and "cloud-ready" are the types of applications you are expected to develop. Also, to keep pace with these demands, Microsoft has revamped their complete web stack with ASP.NET Core to meet these architectural demands.
Multi-platform, multi-client, and highly-mobile users bring a new set of challenges, so the approaches of the past are no longer appropriate for modern applications. This two-day workshop is your chance to dive into all things security related to these new technologies. Learn how to securely connect native and browser-based applications to your back-ends and integrate them with enterprise identity management systems as well as social identity providers and services.
Technologies covered:
.NET Core, ASP.NET Core, MVC, Web APIs, Claims, OpenID Connect, OAuth 2.0, WS-Federation, SAML, JSON Web Tokens, Single Sign-on and off, Federation, Delegation, Home Realm, Discovery, CORS
Day 1: Foundation & Authentication
- Identity & Access Control in ASP.NET
- ASP.NET Core Security Framework
- Claims-based Identity
- Cookie-based Authentication
- Social Logins (e.g. Google, Facebook, Twitter, etc.)
- OpenID Connect
- Data Protection
- Authorization
- Web Application Patterns
- Single Sign-on/Single Sign-off
- Claims Transformation
- Federation Gateway
- Account & Identity Linking
- Home Realm Discovery
Day 2: Web APIs & Access Control
- Securing APIs
- Architecture & Scenarios
- Token-based Authentication
- OAuth 2.0
- Clients
- Scopes
- Flows
- Token Lifetime Management
- Refresh Tokens
- OpenID Connect & OAuth 2.0 Combined
- Server-to-server Communication
- Native & Mobile Applications
- SPAs
- Custom Credentials & Token Requests
Day 3: Duende IdentityServerArchitecture & Scenarios
- Setup
- Configuration
- Dependency Injection
- Services
- Customizations
- Claims & Tokens
- User Interface
- Storage System
- UI Workflows
- Logging & Eventing
- Hosting & Deployment
Computer Setup:
Attendees will need to bring a computer with the latest .NET Core SDK and the IDE of your choice (e.g. Visual Studio) installed.
Brock Allen is a consultant specializing in .NET, web development, and web-based security. He also is an instructor for the training company DevelopMentor, associate consultant for Thinktecture, a contributor to the Thinktecture IdentityModel and IdentityServer open source projects and a contributor to the ASP.NET platform.
Joe DeCock is a software consultant and trainer from the Twin Cities. He has more than a decade of experience working on software in a variety of industries, including Healthcare, Finance, Television, Legal, and Publishing. He specializes in Identity, .NET and IdentityServer.
Outside of work, Joe enjoys cooking, board games, and spending time with his family.