OAuth, OpenID Connect and .NET – the Good Parts

Wednesday, 12 October 2022 9:00 AM - 5:00 PM EDT

Register Now

Registration

Sale ended

General Admission Partial Approval - $700.00

Enter your discount code

  • Subtotal (excluding fees and discounts)
  • Fee
  • Total amount

1. Select Seats

2. Review and Proceed

Wednesday, 12 October 2022 9:00 AM - 5:00 PM EDT

OAuth has been around for more than 10 years now, and has become the standard protocol for token-based security. Like every popular technology that has been growing with its requirements, there are some things which work really well, and some that did not quite stand the test of time.

 

2022 is an excellent year to either start learning OAuth & OpenID Connect from scratch or give them a refresher. With the upcoming OAuth 2.1 protocol revision, the protocol has been streamlined and simplified and the specification has been updated to meet modern application and security requirements. At the same time ASP.NET and .NET in general has excellent support for all the moving parts needed to implement an OAuth-based security system.

 

This full day workshop teaches you all the OAuth you need utilizing the most common and practical techniques and libraries in the .NET ecosystem. Besides looking at built-in features of (ASP).NET, we will use popular frameworks like IdentityModel and IdentityServer, and we will learn how to use them to secure native/desktop and web applications as well as SPAs, Blazor WASM applications, APIs and daemons.

 

Agenda

1 Intro

- OAuth history and motivation

- OAuth terminology and architecture

- OAuth 2.1

- Typical protocol flows and application scenarios

 

2 Machine to Machine Communication

- Client Credentials Flow

- Access tokens

- Token Management

- Simplifying protocol interactions with IdentityModel

- Automatic token management

- Writing daemons using .NET Workers

 

3 Securing APIs

- JWT Bearer authentication handler for ASP.NET

- Authorization policies

 

4 Interactive Applications

- Authorization Code Flow

- Proof Key for Code Exchange (PKCE)

- The need for OpenID Connect

- Session management

- Refresh tokens

- Automatic token management with IdentityModel.AspNetCore

- Writing web applications using ASP.NET

 

5 Bringing it all together

- Integrating various applications into one coherent architecture

- Identity Providers & token services

- Federation gateways

- Daemons

- Web applications

- Native/desktop applications (e.g. Windows desktop or mobile apps)

- SPAs / Blazor applications

NDC Conferences USA, INC

NDC Workshops gives you the opportunity to skill-up with software development thought leaders from all over the world, wherever you are in the world. NDC Workshops is a part of NDC Conferences, which has been running in-person workshops and conferences for over 20 years, earning its reputation as one of the most trusted brands in the software developer community.

Contact the Organizer View other events

Learn more aboutAnders Abel Anders Abel
Anders Abel
Application Security Architect
Duende Software

Anders is a senior software architect with extensive experience of security solutions. He has helped implementing IdentityServer in organizations over the world, often in combination with his Saml2 packages. Since 2021, Anders works with Duende Software Inc on designing and implementing authentication solutions built on IdentityServer.

https://duendesoftware.com/

About Anders Abel

Application Security Architect
Duende Software

Comments