Basics Part 1: Introduction to ASP.NET Core Authentication & Authorization
HTML-код
- Опубликовано: 1 авг 2024
- This is an excerpt from our 3-day training course called "Identity & Access Control for modern Applications using ASP.NET Core".
duendesoftware.com/training/iac
Understanding the fundamentals of the ASP.NET Core authentication & authorization system is crucial knowledge for every developer who needs to secure a web application.
Basics Part 1: Introduction to ASP.NET Core Authentication & Authorization
• Basics Part 1: Introdu...
Basics Part 2a: Adding external Authentication to your ASP.NET Core Application
• Video
Basics Part 2b: The "external authentication callback" Pattern
• Basics Part 2b: The "e...
Basics Part 3: Using OpenID Connect for Authentication
• Basics Part 3: Using O...
Great video, the problem is that it ends. I wasted so many weeks trying to understand this auth flow.
Thanks Dominick and Duende for this awesome content.
Great video! Concise and clear at a nice pace with clear examples demonstrating as you go along. Just a great introduction through and through!
Thank you. Definitely beginning to fill-in the gaps that existed on the subject.
Glad it was helpful!
The best authentication lessons that can be found on internet!
The pace and level of explanation is awesome. Kindly consider a video on BFF with a sample implementation.
Super helpful. This is an indicator of a professional tutor. When complex info is ingested, digested and explained in detail in simple words. Awesome!
At last, someone explained this topic in details, thank you sir, will wait for part 2, and JWT handling if you can make a detailed video about it.
Thx for the Introduction, its exactly what I needed! Having a basic understanding on how Authentication/Authorization work with good practices like Policy instead of Roles
Fantastic from-scratch tutorial
This is great, thank you for your content!
Awesome video, great explanations of the authn & authz configuration that was easy to follow and understand.
Grean video! Thanks for explaining it in detail. The video I have been looking for!!
Top-Notch content! 🎉🎉
very informative, thank you sir.
Thank you, so many questions answered
Thank you !
Finally a well explain tutorial, thank u, tell me how can I buy you a beer
Very nice introduction! Thank you!
Glad you liked it!
thank you so much man that's great explanation i will share this video with my friends
Very helpful thank u!
This was insanely good. Learned a lot here! Thank you so mcuh!
Can you please create a video on BFF auth, mobile apps auth, API auth that looks like this:
Web app -> BFF -> Backend API
|
Identity Server
Here BFF provides authentication using Identity server (self hosted) using OIDC and passes some claims to BFF in the token. How does this BFF know the scopes allowed for the user? And how does Backend API know what permission does user has?
Great video! Well explained.
Just a small grammar mistake, @0:31 "we are often getting questions..". I've noticed this is the one mistake almost all Germans make. They never learn when to use simple present vs present continuous. If something is happening "often", then it's regular, and you have to use simple present, ie. "we often get questions".
Is there a way that Duende Identity works in a deployed project? I just created a blazor wasm project and added the option that indicate individual accounts. When i deployed it, the problems appeared.
It seems impossible for me to make it to work in production.
Fantastic lesson. Thanks.
Is there any way to explore that cookie? I am seeing claims that are not part of id_token or access_token, at least not part of the cookie properties' tokens. Yet they are part of the HttpContext.User.. so they must be populated out of the cookie, as per your video. It's a mystery I don't understand.
In the OIDC protocol case (which we haven't covered - but will be in a separate video soon-ish) claims can also come from the UserInfo endpoint.
Great content, Thanks . Isn't "AccesDenied page" require [AllowAnonymous] attribute? Seems like its handled internally though !
Yes, it is
At 57:42, there's this process: "AuthZ middleware calls Challenge and redirects to LoginPath". Shouldn't this be "AuthN middleware..."?
But is this asp. Net core identity using external providers ??? I do not get it yet
Ok man, what about microservises and SPA-side UI?
ruclips.net/video/hWJuX-8Ur2k/видео.html
you forgot to show how to successfully sign in with authorization policy. how to create cookie with claims policies?