A while ago, it has been announced that App Service on Linux has gained the ability to make use of Authentication / Authorization as well. Originally, I wanted to publish the article earlier, but I got to finish it just now. This article is going to walk you through how the Authentication / Authorization works in App Service on Linux and might give you few hints how to make some more use of it.Continue reading “Exploring App Service Authentication on Linux”
When authenticating a user, you might want to persist the state through the authentication request – for example whether the user is authenticating for some special action like organizational signup or simply some state of your application. ASP.NET Core makes this very easy.Continue reading “Passing state through authentication in ASP.NET Core”
We have been migrating couple of projects to ASP.NET Core 2.0 recently. Amongst the major changes in ASP.NET Core 2.0, probably the biggest change has been done in the Authentication. I have written an article about cookie size in ASP.NET Core which explains the basic issue with too many claims in the identity. ASP.NET Core 2.0 OIDC addresses this by removing some of the token values from the identity on the background.Continue reading “Missing claims in ASP.NET Core 2.0 OpenID Connect”
When I was writing a web application with ASP.NET Core with Azure AD and Microsoft Graph, I ran into a very interesting issue – the identity cookies would get really large (8 kB or more in chunked authentication cookies) and therefore all the requests to the site would contain this much data in headers. This was bearable because it just “worked” but then I tried accessing the site from Safari on a MacBook or an iPhone and the server would return errors when trying to rebuild the user’s identity.