In this post, I describe how to authenticate to OneDrive using any Azure AD account or personal Microsoft account and upload and download files. At the end of this post, you will have an understanding of how to leverage Azure, Microsoft Identity, the Microsoft Graph API, and OneDrive for storage in your application. This post requires a Microsoft account and OneDrive subscription. The free one will work. It also requires an Azure subscription with permissions to modify Active Directory. I have not been charged yet with this example but Azure costs may apply depending on usage.

In this post, I configure an Azure B2C tenant and show how to authenticate a user through a single page application to connect to endpoints in a custom API application. By the end, you will have a working demo of an authenticated user interacting with authorized API endpoints through a SPA using Azure B2C. The single page application contains a breakout-inspired game that tracks users' scores using a custom API. An Azure subscription is required but, at the time of this post, creating an azure B2C tenant is free up to a certain number of active users.

This post is an update to my previous post on how to create a custom user store in dotnet core 2. It contains updated code for working with dotnet core 3.x, the Visual Studio 2019 MVC project template, and updated screenshots. The end result is the same, an in-memory user store to plug into the ASP .NET Core Identity system.

This post is an update to my previous post on how to create a custom password hasher in dotnet core 2. It contains updated code for working with dotnet core 3.x, the Visual Studio 2019 MVC project template, and updated screenshots. The end result is the same, a custom password hasher to plug into the ASP .NET Core Identity system.

In this post, I will look at how to extend the ASP .NET Core Identity membership system to use a custom user store. This will store users in memory and not a database. This would not be useful in a production application because the list of users resets every time the application is started. However, by customizing ASP .NET Core Identity, we gain a better understanding of the components and how they fit together. This tutorial requires Visual Studio 2017 and dotnet core 2.0.

In this post, I will look at how to extend the ASP .NET Core Identity membership system to use a custom class for hashing passwords. ASP .NET Core Identity is very extendable and extending it is a good way to get a better understanding of how the system works. We can customize it by providing new implementations to its interfaces. As with any custom security implementation, customization should be done with care and be backed by good reasons. That being said, lets have some fun. This tutorial requires Visual Studio 2017, dotnet core 2.0, and LocalDb.

In this post, I detail the steps to implement a custom external identity provider in Sitefinity. At the end, you will have a Sitefinity instance configured as a client to a separate IdentityServer application. When a user authenticates to IdentityServer the user will be authenticated to Sitefinity and assigned the 'User' role. This uses the OpenID Connect standard. I do not assume there is a pre-configured IdentityServer application already running. I will cover both the IdentityServer setup and Sitefinity setup. This post uses Sitefinity 11 and IdentityServer 4. The software required for this tutorial is Visual Studio 2017, SQL Server Express, .NET framework 4.7.1, dotnet core 2.0, and git (Optional).