If you are looking to get an understanding of the various approaches to user authentication, how they rank up, and what libraries to use to implement it in ASP.NET Core, then check out my new Pluralsight course: “ASP.NET Authentication – The Big Picture”.
I have designed this course so that you can either watch it end to end or pick the parts that matter to you; with the aim to give you both a pragmatic overview of modern authentication, along with a practitioner’s recommendation of useful libraries with which to implement them.
The theory in this course applies to all languages and frameworks, but all code samples and library recommendations are for ASP.NET Core.
This is an easy-going short course, which can be completed in a few lunch breaks.
Topics Covered
- Understanding Your Application's Authentication Needs: How to choose the right authentication method for your app. Theory suitable for any language or framework that aims to get your mind in the right place to start thinking about user authentication
-
Authentication: A Primer: A primer on all thing’s authentication and how each method compares.
Again, this is general theory that aims to be pragmatic enough to help you choose the right authentication methods for your users without any drama.
Topics include:
- Passwords
- SMS OTP, TOTP, and Push notifications
- FIDO2
- Windows authentication
- Social authentication
- OAuth (for APIs)
- OpenID Connect
- Biometrics
-
Choosing the Best Fit for Your Server-side Application: ASP.NET Core recommendations for implementing many of the techniques from the authentication primer.
Includes recommendations on where to learn more and covers:
- ASP.NET Identity
- Windows authentication using IIS
- ASP.NET Core authentication handlers
- IdentityServer4
- FIDO2 for ASP.NET Core (hold your horses for another 24 hours for a further announcement on that…)
-
Choosing the Best Fit for Your Browser-based Application (e.g. SPA): Recommendations for user authentication in a SPA with an ASP.NET Core backend.
Includes recommendations on where to learn more and covers:
- oidc-client-js
- SameSite cookies
- ASP.NET Core backend for frontend
-
Choosing the Best Fit for Your Native Application (e.g. desktop or mobile application): Recommendations for a native application using an ASP.NET Core backend.
Includes recommendations on where to learn more and covers:
- AppAuth for Android, iOS, macOS, and JavaScript
- IdentityModel.OidcClient
- Biometrics in ASP.NET Core using FIDO2
I hope you enjoy the course. If you have any feedback or future topic suggestions, let me know!