In this article I will describe the concepts of authentication and authorization in ASP.NET, and why it still can be confusing, even knowing authentication and authorization concepts. [Read More]

This article shows how to enable blazor web assembly application, to obtain the authorization to access web API with Azure AD B2C. [Read More]

In this article i will describe how to create custom Winforms window, which can be resized, dragged, and snapped, providing the same experience as standard Windows window. [Read More]

In this article I will compare two methods, which can be used by this client application prove its identity to Entra ID (Azure AD) in the process of OAuth authorization. [Read More]

Device code grant described in RFC8628 is an extension to original OAuth 2.0 specification RFC6749. [Read More]

In OAuth clickjacking attack the attacker tricks the user into authorizing malicious application to access user’s resources. Clickjacking attack is usually hard to notice by the user, though it can be very harmful. [Read More]

Application wants to access your account! Permission requested – application would like to read your profile and calendar! OAuth 2.0 is an authorization protocol that simplifies accessing user’s resources in modern applications. This article explains into OAuth 2.0 protocol from application developer, presenting how modern applications provides effortless login, empowers... [Read More]

In previous article I described general ideas on how to integrate OAuth 2.0 authorization and authentication with desktop applications. In this article I will describe how to implement authentication in .NET desktop application with Auth0, using default system browser to perform user’s login and logout actions. [Read More]

This article presents challenges and solutions for integration of OAuth 2.0 authorization with desktop applications. Vast majority of OAuth 2.0 compliant authorization servers lead user through authentication and consent process using html-based web form. This article shows how to seamlessly integrate this process into desktop application, to obtain id or/and... [Read More]

This article continues the series, related with session management solutions in Azure AD B2C. Previous post outlined polling-based approach, which can be used to determine session status in SSO scope. Today I will focus on front-channel logout. [Read More]

Previous article describes session management possibilities provided by OpenId Connect. OpenId-Connect session represents the authenticated user context, maintained between Applications, running on users device, and Identity Provider Server. Vast majority of modern web application works in the context of logged-in user. OAuth-based solutions delegate identity management to external Identity Provider... [Read More]

OpenId-Connect session represents the authenticated user context, maintained between Applications and Identity Provider Server. Session enables applications to provide seamless authentication experience by: [Read More]

Refresh tokens are commonly used in OAuth based authorization scenarios. The purpose of refresh token is to retrieve new id/access token from authorization server, without user interaction. In simple scenarios, once access token expires, user is forced to reauthenticate in order to get new token. With refresh tokens, expired access... [Read More]

Azure AD B2C provides advanced tools for user identity and access management. Modern applications often delegate identity and access management to external services. At the same time authorization and authentication needs to be highly flexible, providing features as: Integration with external identity providers like GitHub or Facebook etc. Customization of... [Read More]