OAuth2


image_thumb.png 4
Introduction As APIs and web services become more and more prevalent, particularly in the Enterprise, there is an increasing need to look at ways to secure the more important interfaces, particularly if they enable access to sensitive data. Recently, I’ve been investigating ways to secure ASP.NET Web APIs using Active […]

Securing a Web API with ADFS 3.0 and JWT tokens


1
Identity Server 3 supports the Client Credentials OAuth2 grant.  I wrote a brief introduction to both OAuth2 and IdentityServer3 last month, this is a follow-on article exploring some other facets of authentication. This is a little bit like basic authentication, in that the client (the application which wants to consume […]

How IdentityServer3 Handles Client Credentials Flow


image_thumb.png
Tonight I finally got around to installing the recently released Windows Server Technical Preview 2, which was published around the time of the annual BuildConf in the US. So I ran up a Hyper-V image and hit the standard product selection screen.  I was greeted, as it has been rumoured, […]

First look: Windows Server Technical Preview 2 and ADFS vNext



image_thumb.png
Introduction In recent times, I’ve become very intimately acquainted with OpenID Connect, OAuth2 as well as SAML, JWT, WS-Federation and more.  It’s a complicated world. Since I dwell amongst the Microsoft ecosystem, I’m very experienced with Active Directory Federation Services (AD FS) which in its latest version supports OAuth2 endpoints […]

Identity Server – An Introduction