Secure your microservices architecture with C#, OAuth 2.0, OpenID Connect, ASP.NET Core Identity and IdentityServer.
What you'll learn
- Stand up an authorization server and OpenID provider via IdentiyServer
- Implement the OAuth 2.0 authorization code flow with PKCE
- Secure your microservices with ASP NET Core authentication and authorization
- Create an Identity microservice to manage user identity and secure all microservices
- Scaffold user registration and login UI components via ASP NET Core Identity
- Generate and use JSON Web Tokens in Postman
- Implement authentication via OpenID Connect
- Use the .NET Secret Manager to store secrets during local development
- Implement role-based and claims-based security
Requirements
- Basic C# knowledge
- Completed the Building Microservices with .NET: The Basics course
- A computer with Windows, Mac OSX or Linux installed
Description
You know the basics, but there are still many questions to answer: How will your users register and sign in to your system? How can your microservices protect themselves against unauthorized access? What permissions do your users have across the different microservices? Take your microservices architecture to the next level by adding a fundamental component: Security.In this course you will standup a brand new microservice, the Identity microservice. This service will allow users to register and sign in to the system via the ASP.NET Core Identity membership system, as well as act as an authorization server and an OpenId provider thanks to its integration with IdentityServer. With that, all microservices will be protected using modern authorization protocols like OAuth 2.0 and OpenID Connect, the de-facto standards for securing microservices these days.
Here for some of the things you will learn in this course:
- Create an Identity microservice
- Scaffold user registration and login UI components via ASP.NET Core Identity
- Stand up an authorization server and OpenID provider via IdentiyServer
- Generate and use JSON Web Tokens in Postman
- Implement authentication via OpenID Connect
- Implement the OAuth 2.0 authorization code flow with PKCE
- Secure your microservices with ASP.NET Core authentication and authorization
- Use the .NET Secret Manager to store secrets during local development
- Implement role-based and claims-based security
This is a beginner level course, so I intentionally take my time to explain every new concept in a very didactic way to ensure you understand the purpose of the code you are about to write. You will find no magic code copied from external or hidden sources. I will explain every line of code as I add them to the projects.
I make no assumptions on your previous knowledge of security in ASP.NET Core apps or of any of the libraries, tools and techniques used during the course. As long as you are eager to learn by doing, I think you will really enjoy this course since I will explain everything I do as we write the code together.
By the end of this course you will have a fully working Identity microservice, your users will be able to register and sign in to the system and both the microservices created in the previous course will be properly secured. But most importantly you will understand every line of code, you will know how to secure your microservices and why we ended up with the final implementation.
Who this course is for:
- Beginner C# / .NET developers wanting to learn how to secure their microservices
- Experienced C# / .NET developers wanting to get a deep understanding of security in a microservices architecture
- Anyone willing to learn by doing. Even if you have never secured an ASPNET Core app you should not have problems with this course since I will explain every line of code in detail
