Cloud-Native Development

CCW03 Azure App Service Security for ASP.NET Core MVC and WebAPI


9:30am - 10:45am

Level: Intermediate to Advanced

Benjamin Day

Author, Trainer, Developer

Azure App Services have a great feature that’s nicknamed “Easy Auth”. It’s also known as Azure App Service Authentication & Authorization. It lets you configure your app so that users can log in using Azure Active Directory (AAD), Facebook, Google, Twitter, or Microsoft Account (MSA). It’s great because all the difficult authentication and identity stuff is handled by Azure without you having to code anything in your ASP.NET Core MVC or WebAPI app.

In this session, Ben will should you the basics of Azure “Easy Auth” – how it works, why it’s helpful, and how to set it up. After that, we’ll go ‘off road’ to start extending “Easy Auth” in order to handle more complex scenarios such as enabling multiple authentication providers simultaneously, writing custom ASP.NET Core Middleware to implement claims-based authorization in your application, using ASP.NET Core Policy-based authorization in your app, and how to create a “development mode” version of security that you can use on your local machine without Azure.

You will learn:

  • About Azure App Service Authentication & Authorization (“Easy Auth”)
  • How “Easy Auth” works
  • How you can use ASP.NET Core Middleware to extend it beyond just the simple, basic scenarios