Identity & Access Control for modern Applications and APIs online



Kursarrangør: Programutvikling AS
Sted: Nettkurs / Nettstudie
Hele landet
Type:Nettkurs og nettstudie
Undervisningstid: Ta kontakt for informasjon
Varighet: 3 days

We offer online course about Identity & Access Control for modern Applications and APIs using ASP.NET Core 6. Modern application design has changed quite a bit in recent years. "Mobile-first" and "cloud-ready" are the types of applications you are expected to develop.

Content:
Also, to keep pace with these demands, Microsoft has revamped their complete web stack with ASP.NET Core to meet these architectural demands. Multi-platform, multi-client, and highly-mobile users bring a new set of challenges, so the approaches of the past are no longer appropriate for modern applications.

This two-day workshop is your chance to dive into all things security related to these new technologies. Learn how to securely connect native and browser-based applications to your back-ends and integrate them with enterprise identity management systems as well as social identity providers and services.

Technologies covered:
.NET Core, ASP.NET Core, MVC, Web APIs, Claims, OpenID Connect, OAuth 2.0, WS-Federation, SAML, JSON Web Tokens, Single Sign-on and off, Federation, Delegation, Home Realm, Discovery, CORS

Day 1 - Foundation & Authentication:
• Identity & Access Control in ASP.NET
• ASP.NET Core Security Framework
• Claims-based Identity
• Cookie-based Authentication
• Social Logins (e.g. Google, Facebook, Twitter, etc.)
• OpenID Connect
• Data Protection
• Authorization
• Web Application Patterns
• Single Sign-on / Single Sign-off
• Claims Transformation
• Federation Gateway
• Account & Identity Linking
• Home Realm Discovery

Day 2 - Web APIs & Access Control:
• Securing APIs
• Architecture & Scenarios
• Token-based Authentication
• OAuth 2.0
• Clients
• Scopes
• Flows
• Token Lifetime Management
• Refresh Tokens
• OpenID Connect & OAuth 2.0 Combined
• Server-to-server Communication
• Native & Mobile Applications
• SPAs
• Custom Credentials & Token Requests

Day 3 - Duende Identity Server Architecture & Scenarios:
• Setup
• Configuration
• Dependency Injection
• Services
• Customizations
• Claims & Tokens
• User Interface
• Storage System
• UI Workflows
• Logging & Eventing
• Hosting & Deployment

Speaker: Brock Allen, Application Security Architect

Brock Allen is a consultant specializing in .NET, web development, and web-based security. He also is an instructor for the training company DevelopMentor, associate consultant for Thinktecture, a contributor to the Thinktecture IdentityModel and IdentityServer open source projects and a contributor to the ASP.NET platform.

Computer Setup:
Attendees will need to bring a computer with the latest .NET Core SDK and the IDE of your choice (e.g. Visual Studio) installed.