This is a list of OpenID Connect and authentication talks that I’ve created.
After writing over 1,000 answers on Stack Overflow, mostly about authentication and OpenID Connect, I’ve seen the same mistakes and pitfalls appear over and over. In this talk, I’ll share some of the most common mistakes developers make when building authentication solutions.
From simple misconfigurations to deeper misunderstandings of protocols and security flows, we’ll explore the traps that are all too easy to fall into when working with ASP.NET Core authentication. You’ll learn why some common practices are actually anti-patterns, how to avoid opening security vulnerabilities, and what best practices can help you build secure, reliable authentication.
Authentication in ASP.NET Core is a complex beast with many concepts and moving parts. In this session, I will clarify how authentication in ASP.NET Core works and explain the key concepts including schemas, handlers, ClaimsPrincipal, claims, challenges, session cookies, and more. Expect a hands-on and a deep dive into the world of authentication.
Most use the JwtBearer authentication handler in ASP.NET Core to secure our APIs. But what does it actually do? What makes it tick? What security and reliability considerations should we be aware of when we go to production? And finally, are there any changes in .NET 8? In this presentation, we will try to bring clarity to these questions.
Token-based security is an area that can be very complex, with its many different standards and concepts. In this seminar I will introduce what OpenID Connect is all about. We will address, among other things:
In this part, we look at how we can apply OpenID Connect in an ASP.NET Core environment and together with IdentityServer to secure an MVC application and API.
This talk is a continuation of the Introduction to OAuth/OpenID Connect talk. We address, among other things:
For more talks, visit my Talks page.
Contact me for a price enquiry or to submit interest.
My name is Tore Nestenius and I have worked as a professional trainer since 2012. I have taught both on-premise at our customers and through various training companies in the Nordic countries, including:
