Securing Modern .NET Core App
Table of Contents:
OAuth 2.0
OpenID Connect
OAuth 2.0 & OpenID Connect: Interplay and Usage
.NET OpenIddict & .NET IdentityServer, How Similar are they?
- OAuth 2.0 Implementation and supported features
- OIDC Implementation and supported features
.NET OpenIddict & .NET IdentityServer, How Different are they?
- OpendictId
- IdentityServer
- Choosing between them
IAM
- Keycloak
- OpenIAM
- Choosing Between OpenIAM and Keycloak
DIF
Keycloak.AuthServices provides robust authentication mechanisms for both web APIs and web applications. For web APIs, it supports JWT Bearer token authentication, which allows clients to authenticate to the API by providing a JWT token in the Authorization header of their requests. For web applications, it supports OpenID Connect, a simple identity layer on top of the OAuth 2.0 protocol, which allows clients to verify the identity of the end-user, obtain basic profile information about the end-user, etc.
Implement ASP.NET Core OpenID Connect OAuth PAR client with Keycloak using .NET Aspire
This post shows how to implement an ASP.NET Core application which uses OpenID Connect and OAuth PAR for authentication. The client application uses Keycloak as the identity provider. The Keycloak application is hosted in a docker container. The applications are run locally using .NET Aspire. This makes it really easy to develop using containers.
.NET Web API with Keycloak
In this article, we will explore the advantages of using Keycloak, an open-source identity and access management solution. With Keycloak, you can easily add authentication and authorization to your applications, benefiting from the robustness of a proven system instead of building your own. This allows you to avoid the complexities and security challenges of managing application access control on your own.