Delve into using Single Sign-On (SSO) to secure ASP.NET Core applications, including MVC, web API, and more. Discover protocols, configuration, and securing pages and endpoints.

Single Sign-on Authentication and authorization in ASP.NET Core.png

sso.tar.gz

Stand Alone Auth Provider

Client App Only

Full Authentication Flow

Full Authentication Flow With Secondary App

Blazor WebAssembly OIDC

Client and back-end

Securing web applications is extremely important, as you do not want unauthorized people to gain access to your data. The most convenient way of securing an application is to use single sign-on (SSO) because it allows users to authenticate once and gain access to all apps within the same system.

In this course, you’ll cover the process of using SSO in ASP.NET Core apps. You’ll also cover its usage inside all application types supported by ASP.NET Core, including MVC, web API, gRPC services, Blazor, and SignalR.

By the end of this course, you will have learned what SSO consists of, what protocols it uses, and how it’s configured inside an ASP.NET Core middleware. You will also have learned how to secure any endpoints, pages, and views supported by ASP.NET Core.

Using Single Sign-On for Securing Applications in ASP.NET Core

* **Principles of single sign-on:** We learned how single sign-on (SSO) uses a separate application known as identity provider to authenticate the other applications within the ecosystem.

* **Authentication vs. authorization:** We discovered that authentication is used to ensure that the user is who they say they are while authorization is used to determine whether the user has the necessary permissions to access the resource.

* **OpenID Connect:** We learned that this protocolis commonly used for authentication in SSO. It determines how the the client application redirects to the authentication screen and how the access token is shared upon successful authentication.

Review the summary of the course you have completed.

Introduction to Single Sign-On (SSO)

JWT and Authorization Middleware

Enabling SSO in MVC Apps

Enabling SSO in Razor Pages

Enabling SSO in Web API

Enabling SSO in Blazor

Enabling SSO in gRPC

Enabling SSO in SignalR

Wrapping Up

Appendix

Summary