3. ASP.NET Core Security

Protect your ASP.NET Core back-end with industry-standard authentication and authorization techniques and be ready to handle real-world security challenges with confidence.

Interested in this course? Email us at [email protected]

Course curriculum

1. Course introduction
2. What this course covers
3. What you need to know first
4. Software prerequisites
5. Source code and other resources
1. Introduction
2. Why authentication?
3. What is token based authentication?
4. Understanding JSON Web Tokens
5. Creating JWTs
6. Decoding a JWT
7. Configuring JWT authentication
8. Sending requests with JWTs
9. Using JWT claims in ASP.NET Core
10. Disabling the default claims mapping
11. Knowledge check
1. Introduction
2. Adding the Shopping Basket data model
3. Implementing the Upsert Basket feature
4. Testing the Upsert Basket feature
5. Implementing the Get Basket feature
6. Knowledge check
1. Introduction
2. Why authorization?
3. Types of authorization in ASP.NET Core
4. Requiring authorization in API endpoints
5. Using role-based authorization
6. Using claims-based authorization
7. Using policy-based authorization
8. Refactoring the authorization policy
9. Configuring a fallback policy and anonymous access
10. Implementing an authorization handler
11. Using resource-based authorization
12. Knowledge check
1. Introduction
2. Introduction to Docker
3. Downloading Docker images
4. Running Docker containers
5. Exposing ports
6. Entering a running container
7. Using volumes
8. Using environment variables
9. Introduction to Docker Compose
10. Using Docker compose
11. Knowledge check
1. Introduction
2. Introduction to Keycloak
3. Running Keycloak as a Docker container
4. Creating a realm
5. Creating users
6. Creating and assigning roles
7. Exporting the realm configuration
8. Knowledge check
1. How to Get Personal Help While You Learn
1. Introduction
2. Introduction to OAuth 2.0
3. Understanding the Authorization Code Flow
4. Configuring a client in Keycloak
5. Requesting access tokens from Keycloak
6. Configuring scopes and audience in Keycloak
7. Using refresh tokens
8. Getting access tokens in Postman
9. Knowledge check
1. Introduction
2. Configuring a Keycloak authentication scheme
3. Receiving Keycloak JWTs in protected endpoints
4. Logging JWT events
5. Configuring the role claim in Keycloak
6. Implementing a claims transformer
7. Refactoring the authentication configuration
8. Using Keycloak's email claim
9. Knowledge check
1. Introduction
2. Introduction to OpenID Connect
3. Requesting ID Tokens from Keycloak
4. Exploring the OIDC discovery endpoint
5. Exploring the UserInfo endpoint
6. Exploring the JSON Web Key Set
7. Knowledge check
1. Introduction
2. Configuring the Blazor front-end
3. Running front-end and back-end together
4. The front-end OIDC configuration explained
5. Using the React front-end
1. A Note From Julio...

About this course

85 lessons
7 hours of video content

3. ASP.NET Core Security

Course curriculum

Welcome to the course!

Authentication in ASP.NET Core

The Shopping Basket API

Authorization in ASP.NET Core

Working with Docker

Working with Keycloak

Quick Intermission: Don’t Get Stuck

The OAuth 2.0 framework

Using Keycloak JWTs in ASP.NET Core

The OpenID Connect protocol

UI Integration

Next Steps

About this course