Setting up Managed Identities for ASP.NET Core web app running on Azure App Service

A few weeks ago I wrote about Secure application development with Key Vault and Azure Managed Identities which are managed, behind the scenes, by Azure Active Directory. At the end of that blog post, I promised to show you how to take your app from local development to production seamlessly, leveraging Managed Identities on the Azure App Service. What does the app currently doBefore setting things up on Azure, let's remind ourselves quickly what the application does and where Azure Managed Identities and Key Vault fit. The Razor Web App retrieves two secrets from Key Vault without having to configure …[read more]

Working with Azure EasyAuth (Azure App Service Authentication) and .NET Core 3.1

Working with authentication in your apps can sometimes be tricky and every app has its own constraints. But the Azure platform provides developers and organizations with many options when it comes to implementing authentication and authorization, from fully customized, coded solutions to turn-key authentication with little to no code changes. Imagine the scenario where you already have an app that was coded without authentication. This could be an app that was developer to run internally but now it needs to be moved to Azure. To secure access to the app, you have 2 options: Add authentication in code so that …[read more]

Create sample data for Cosmos DB with .NET Core

Aren't you bored of stockmarket ticker and ToDo sample apps and data? Do you long for some more realistic data to build great app samples around it? Well, guess what? Problem solved? How do you feel about Volcanos? If you love them (and fear them) like I do, then this is the blog for you. below I'll show you how to create a small console app that generates sample data and then populates a Cosmos DB database with it. PrerequisitesSince Cosmos DB is an Azure service, you'll need and Azure Subscription. Grab one for FREE here! For this example we …[read more]

Create an Azure AD protected API that calls into Cosmos DB with Azure Functions and .NET Core 3.1

In today's post we will see how we can create an Azure AD protected API using Azure Functions. The API will use Cosmos DB as a backend and authorized users will be able to interact with the Cosmos DB data based on their permissions. We will be using .NET Core 3.1 and C# to put all this together. There are 3 main components here Azure AD to for token validation and authorizationThe Function AppThe Cosmos DB databaseFirst, we will need to create and populate our Cosmos DB with some data. If you already have sample data then that's awesome, …[read more]

Create a protected .NET Core 3.1 API that calls into MS Graph on behalf of a Power App

In this blog post I'm going to explain how to create a .NET Core API that accepts authenticated requests from a Power App, validates the user and then makes a call into MS Graph to retrieve the appropriate data. All secured via Azure AD while using the latest (and funkiest) Microsoft.Identity.Web library for authentication and the MS Graph SDK for getting the Graph ┬ádata. If you haven't used the Microsoft.Identity.Web NuGet package yet, ┬áthen I would urge you to have a look at the repo and start integrating it with your ASP.NET Core apps. The …[read more]

Create a .NET Core Deamon app that calls MSGraph with a certificate

A couple of days ago I blogged about pulling OneDrive data with MS Graph in .NET Core. I wrote all the code in a console app because it was the simplest way to get me what I needed. Mind you, a console app is not the best way when it comes to creating user interactive apps but it's convenient. However, convenience comes with a price: I ended up writing a console app that needs user interaction for authenticating the app. So what is the right way to do this? How can we create a headless app/daemon that can still …[read more]