Claims and scopes describe user information in OpenID Connect. Let's see how Duende IdentityServer handles consent, different client types, required vs. optional scopes, and what happens when a client doesn't get everything it asked for. https://t.co/X305Urmd7g 👀 #dotnet

Adding .NET 10 Passkey Support to Duende IdentityServer 👉 https://t.co/mEzYZLjIqs Learn how to add #dotnet 10 passkey support to a non-Blazor project such as MVC or Razor Pages. #security #aspnetcore #identity #webauthn

Fresh post on external providers in #aspnetcore We cover initial setup, the connection between external and cookie authentication, and discusses why alternatives might be better for production apps. https://t.co/4lvxvmTbkQ #security #identity #dotnet

Great post!

Writing code was never the bottleneck in software engineering. LLMs made it cheaper to write, not easier to understand, review, or maintain. That’s still the bottleneck. Let’s not pretend it isn’t.

Great post by @ordepdev

Add an extra layer of security to critical user actions! 🛡️ Learn how to implement Step Up challenges in your #aspnetcore apps with Duende #IdentityServer to enhance user verification and re-confirm identity for some activities. https://t.co/h36NsakS98 #dotnet #security #oidc

The #dotnet 8.0.17 upgrade fixed validation of forwarded headers and proxy server configuration in load balanced scenarios. Great! Or not 🤔 This patch may affect your #aspnetcore app. 😱 Check our blog post for background and fix: https://t.co/ficyYq3tBh

As a tech lead, how can you help get things right with distributed systems? Find out in the LEAD Podcast with @adamralph, @renevo, and @GeertvdC, live at @TechoramaBE

Terms like "client" in OpenID Connect and OAuth 2.0 are clear for security folks, but non-technical people are sometimes confused. In this post, let's clarify what a "client" means in application security. https://t.co/beiEKzWm86 #dotnet #security #identity

Monitoring IdentityServer License Usage with #aspnetcore Health Checks 🔍 🤔 How to create custom health checks 👍 Registering them 💡 Example health checks for IdentityServer Find out in this blog post! https://t.co/jiN8AGBICY #dotnet #identity

What are key moments in the OAuth and OpenID Connect timeline? In this article, we look back at the past 15 years to explore how the IETF and OpenID Foundation have set standards that shaped OAuth and OpenID Connect today. https://t.co/7m1QVC0HN7 #dotnet #security #ietf #oidc

IdentityServer can use OpenTelemetry and share metrics, traces, and logs to help monitor and troubleshoot applications. In this post, we'll see how to surface this data in the .NET Aspire dashboard! 🧐 https://t.co/BveIp734pc #dotnet #aspire #identityserver #otel

In recent weeks, some of our customers reported performance degradations. You won't believe what happened next 😱 Clickbait aside, #efcore, SqlClient, and transient retries don't always go well together. More on our blog! https://t.co/AcbXYFksWn #dotnet #identityserver #azure

Managing OpenAPI Specifications with Backend For Frontend and Swagger UI 📚 We'll briefly recap the BFF pattern, and then dive into a sample & learn how to reveal your OpenAPI specifications securely. https://t.co/Rze8lxJZNV #dotnet #security #bff #openapi #aspnetcore

What if tomorrow’s code could live in the same place as today’s code? What if it all looked the same? What if we could scale it all the same way? In this video, @adamralph will show you how to embrace the future in the code we write now

Introducing the Duende Developer Community (and a new documentation site!) 🏘️ Community: connect with peers around #identityserver, #bff, #oidc, and more! 📝 New docs: fresh design, new topics, dark mode, ... Learn more on our blog 👉 https://t.co/Q0oXs3vaWX #dotnet #security

Secure machine-to-machine communication? In this video, Roland walks you through the #oauth2 Client Credentials flow. It's relatively straightforward, and a great way to get introduced to OAuth. 📺 https://t.co/dYLpf2AGBH #oauth2 #identityserver #accesstoken #dotnet #security

Authorization Policy TagHelpers for ASP .NET Core Razor Views Let's create an AuthorizationPolicyTagHelper to build nicer Razor Pages views where the content depends on the ClaimsPrincipal and authorization policy. 🔐 https://t.co/Jzqa3QWDgE #aspnetcore #dotnet #security

Kicking off our Open Source Sponsorship program this quarter, where our developers picked a project we'll sponsor for 12 months: 🙌 Shouldly Assertion Framework We're using it ourselves, and here's why you may want to: https://t.co/SlqSjJ5H9l #dotnet #testing