From the course: Microservices: Security
Join today to access over 24,700 courses taught by industry experts.
Work with OAuth 2.0 endpoints
From the course: Microservices: Security
Work with OAuth 2.0 endpoints
- [Instructor] To get a better sense of how an OAuth flow works, we're going to secure and access a small .NET microservice. For our example, I built a small web API that returns a user's chat messages, which are stored in a SQL server database. So, this is the microservice that we registered in Microsoft Entra, and now we will implement token-based authorization for it. .NET Has great integration with Microsoft Entra that makes it really simple to achieve that for a microservice. If you've worked with any web framework before, you're probably familiar with the concept of a controller, or something similar that processes a web request. Here, in this controller, you'll notice we defined these two annotations, authorize and required scope. These allow our microservice to authorize incoming requests using an access token. The authorized attribute will cause .NET to validate the token it receives from the client, and then, the required scope attribute points to a scope's property that's…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
-
-
-
(Locked)
Tokens4m 41s
-
(Locked)
OAuth 2 primer4m 58s
-
(Locked)
OAuth in Microsoft Entra6m 31s
-
Register client applications4m 26s
-
(Locked)
Issuing tokens5m 28s
-
(Locked)
Work with OAuth 2.0 endpoints7m 26s
-
(Locked)
Issuing identity tokens with OIDC6m 40s
-
(Locked)
Token validation6m 47s
-
(Locked)
Token maintenance and protection3m 58s
-
(Locked)
-
-
-