You’ve probably seen how a ASP.NET Core application works, but authentication and authorization are a different cup of tea. Microsoft completely re-did a large part of these security features in ASP.NET Core. ASP.NET Identity enables you to do authentication for a single application and has a lot of ready-to-go features, but isn't it better to do centralized authentication with a token service using OpenId Connect? We'll explore that question and I'll explain and show you both ASP.NET Core identity the IdentityServer framework that helps you write a token service. Authorization has undergone a complete overhaul in ASP.NET Core. There's still the authorize attribute, but the recommended way of using it is by utilizing policies. You'll see how that works as well. After this session you'll know what options you have for implementing authentication in ASP.NET Core. And you will have a basic understanding on how to implement these options. Also you'll know how to enforce authorization rules in your ASP.NET Core app.
Roland is a Microsoft MVP enjoying a constant curiosity around new techniques in software development. His focus is on all things .NET and browser technologies. As a long-time trainer, he led many courses on these topics and spoke about them at international conferences. He also travels around the globe to offer his self-developed workshops. The word that comes to mind when he thinks about software development is passion!