- Home>
- OpenID Connect
Tag Archives for " OpenID Connect "
Azure AD authentication in angular using MSAL angular v2 library
Published April 27, 2022
in Angular
, ASP.NET core
, Azure
, Azure Active Directory
, OAuth2
, OpenID Connect
, security
- 2 Comments
In previous projects, I use Oidc-client-js to authenticate users against azure AD. Oidc-client-js is a great library but is no longer maintained by the main author. Because of this, I have switched to MSAL angular v2 in my current project. Microsoft provides good documentation and sample projects to help developers to integrate the library into their project. I am able to follow the sample project to get authentication working in my angular application, albeit a few hiccups along the way. In this post, I share some of the issues I ran into and how I structure the codes for authentication.
Continue readingBuilding or leveraging an OIDC provider to protect web applications.
In this post, I write about OpenID and OAuth2 providers, and what can you use to build or leverage them to protect your web applications.
Continue reading
Tags:
authorization server
, Azure ADB2C
, claims based identity
, IdentityServer4
, OAuth2
, oidc
, OpenID Connect
OIDC implicit flow in angular with MSAL for angular, Microsoft Identity Platform (v2.0) and Azure AD.
Published July 13, 2019
in Angular
, Azure
, Azure Active Directory
, OAuth2
, OpenID Connect
, security
In this post, I share my experience about doing OpenID Connect (OIDC) implicit flow using Microsoft Authentication library (MSAL) for Angular, Microsoft Identity Platform (v2.0), and Azure AD. This post is part of the blog post series in which I cover implementing OIDC flows to protect as system that consists of an angular front-end application and asp.net core web apis. In the previous post, I give a high level overview of the technologies involved in protecting such a system.
Protecting angular and ASP.NET core applications – An Overview.
In this and upcoming blog posts, I’ll be talking about integrating Azure Active Directory (AAD) and leveraging open source libraries to protect a system consisting of an angular application and ASP.NET core web apis.
In this post, I just want to give a high level overview of the setup and the technologies involved in securing such as system. As such, I likely gloss over some of the points. In subsequent posts, I’ll cover the specific parts in more details.
Why OAuth2 is not for authentication.
If you are like me, you might have thought OAuth 2 is for both authentication and authorization. After all, the main OAuth 2 flows ( Authorization Code, Implicit, User Credentials ) all require a resource owner to authenticate against an authorization server. In this post, I’ll talk about some of the reasons I’ve learned why OAuth 2 is not for authentication.