In this post I provide an introduction to the System.Diagnostics.Metrics API, and show how to create a custom metric and read it with dotnet-coutners

This post looks at implement client assertions in an ASP.NET Core application OpenID Connect client using OAuth Demonstrating Proof of Possession (DPoP) and OAuth Pushed Authorization Requests (PAR…

**5th February - DotNet Zurich @ Isolutions** *Join us in person at Isolutions!!* This event will happen at Isolutions, The Circle. **Agenda:** * 17:45 Reception open &

Experimental alternative flow for OAuth First-Party Applications - damienbod/OAuthClientAssertionsPerInstance

The post shows how to implement a step up authorization using the OAuth 2.0 Step Up Authentication Challenge Protocol RFC 9470. The application uses ASP.NET Core to implement the API, the web appli…

This article explores how to implement Level of Identification (LOI) in an ASP.NET Core application. The solution uses Duende IdentityServer as the OpenID Connect provider and ASP.NET Core Identity…

In this post we start creating a TypeInfoResolver modifier in System.Text.Json to encrypt and decrypt JSON properties during serialisation.

This post shows how to implement an application which requires a user to authenticate using passkeys. The identity provider returns three claims to prove the authentication level (loa), the identit…

**5th February - DotNet Zurich @ Isolutions** *Join us in person at Isolutions!!* This event will happen at Isolutions, The Circle. **Agenda:** * 17:45 Reception open &

**5th February - DotNet Zurich @ Isolutions** *Join us in person at Isolutions!!* This event will happen at Isolutions, The Circle. **Agenda:** * 17:45 Reception open &

The post shows how to set the correct amr value when authenticating using ASP.NET Core Identity and passkeys in .NET 10. When authenticating using OpenID Connect and passkeys authentication, the Op…

This blog post outlines the implementation of audit logging using Audit.NET in .NET Core applications with Entity Framework Core. It discusses the purpose of audit logs, which enhance traceability and compliance, and details the setup process, including modifying the DbContext, creating tracking properties, and configuring audit data storage in a dedicated entity.

ASP.NET Core planning for .NET 11 is now in progress! This roadmap is currently just a placeholder. We'll update the roadmap with specific planned features as planning progresses. This issue repres...

Recently, I deployed a .NET Aspire solution to Azure Container Apps (via Azure Container registry). The Azure Container Apps resource is running within my personal Azure tenant. In my personal tenant, my user is assigned as Owner of the corresponding resource group and therefore also Owner (by inheritance) of the Container Apps Environment which resides within the same resource group. Furthermore, my user has Azure built-in role…

In this post I try out Zed on Windows to see if it can replace my VS Code usages for quick edits of .NET projects and writing Markdown documents

None

GitHub Actions has a package manager that ignores decades of supply chain security best practices: no lockfile, no integrity verification, no transitive pinning

Backend for frontend security using Vue.js Typescript, Vite, ASP.NET Core backend and Microsoft Entra ID - damienbod/bff-aspnetcore-vuejs

Auth0 Backend for frontend security using Angular CLI and ASP.NET Core backend - damienbod/bff-auth0-aspnetcore-angular

OpenIddict backend for frontend security using Angular CLI and ASP.NET Core backend - damienbod/bff-openiddict-aspnetcore-angular