tndata

When you’re working with the Data Protection API in ASP.NET, you quickly notice how powerful and simple this service is. At the same time, you have little insight into how it operates. In this blog post, I will introduce a simple debugger tool for this API.

The Data Protection API (DPAPI) is an essential service in ASP.NET Core that is often overlooked. This post will give an overview of what it does and how we can store its encryption keys in Azure Key Vault.

This blog post explores how we can improve the security of your ASP.NET Core authentication security by reducing the size of our cookies.

In this blog post, we dive deep into two critical security features of OpenID Connect – the state and nonce parameters – and how they are used in ASP.NET Core.

ASP.NET Core issues several cookies, including authentication, antiforgery, and session cookies. This blog post will explore what these cookies contain and how they are protected.

Dealing with cookie problems? I’ve written a handy step-by-step troubleshooting guide for ASP.Net Core! It walks you through how to fix browser omissions and rejections, and lost cookies.

In ASP.NET Core 8, Microsoft added a new authentication handler named BearerToken. In this blog post, I will explain how it works and its purpose.

Struggling to solve missing JwtBearer claims in ASP.Net Core? I’ve written an easy step-by-step diagnostic guide that can help you.

A common issue with OpenID Connect authentication in ASP.NET Core is that expected claims are missing from the ClaimsPrincipal user object. In this blog post, I will provide some ideas for how to diagnose these types of problems.

Struggled to troubleshoot Jwtbearer authentication problems in ASP.NET? I’ve written about some of
the best step-by step ways to do so in this blog post.

This blog post clarifies the various resource concepts in Duende IdentityServer, including IdentityResources,
ApiResources and ApiScopes.