Category Archives: IdentityModel

IdentityModel: OpenID Connect & OAuth 2.0 Client Library for Mobile/Native Applications

Recently we had a couple of customers that needed to connect their native desktop and mobile applications to an OpenID Connect and OAuth 2.0 back-end. We always had samples that showed how to do this, but making them re-usable and cross-platform … Continue reading

Posted in IdentityModel, OAuth, OpenID Connect | 22 Comments

Validating Scopes in ASP.NET 4 and 5

OAuth 2.0 scopes are a way to model (API) resources. This allows you to give logical “names” to APIs that clients can use to request tokens for. You might have very granular scopes like e.g. api1 & api2, or very coarse grained … Continue reading

Posted in ASP.NET, IdentityModel, IdentityServer, Katana, OAuth, Uncategorized, WebAPI | 10 Comments

IdentityModel 1.0.0 released

Part of the ongoing effort to modernize our libraries, I released IdentityModel today. IdentityModel contains useful helpers, extension methods and constants when working with claims-based identity in general and OAuth 2.0 and OpenID Connect in particular. See the overview here … Continue reading

Posted in .NET Security, IdentityModel, OAuth, OpenID Connect, WebAPI | 7 Comments

Security at NDC Oslo

For a developer conference, NDC Oslo had a really strong security track this year. Also the audience appreciated that – from the five highest ranked talks – three were about security. Troy has the proof. I even got to see Bruce … Continue reading

Posted in .NET Security, IdentityModel, IdentityServer, OAuth, OpenID Connect, WebAPI | Leave a comment

.NET Foundation Advisory Council

I have been invited to join the .NET Foundation advisory council – looking forward to it! http://www.dotnetfoundation.org/blog/welcoming-the-newly-minted-advisory-net-foundation-advisory-council-members

Posted in .NET Security, ASP.NET, IdentityModel, IdentityServer, WebAPI | 2 Comments

Identity & Access Control at NDC London 2014

The NDC Agenda is out now – and Brock and me will do a number of identity & access control related sessions. Brock will talk about identity management in ASP.NET – which is a huge topic – so he split … Continue reading

Posted in .NET Security, ASP.NET, IdentityModel, IdentityServer, Katana, OAuth, OpenID Connect, OWIN, WebAPI | 6 Comments

NDC London: Identity and Access Control for modern Web Applications and APIs

I am happy to announce that NDC will host our new workshop in London in December! Join us to learn everything that is important to secure modern web applications and APIs using Microsoft’s current and future web stack! Looking forward … Continue reading

Posted in .NET Security, ASP.NET, IdentityModel, IdentityServer, Katana, OAuth, OpenID Connect, OWIN, WebAPI | 1 Comment