Damien Bowden

Updated: OpenIddict examples using BFF with Angular and Vue.js

github.com/damienbod/bf...

github.com/damienbod/bf...

Support for passkeys.

#aspnetcore #dotnet #angular #vuejs #bff #openiddict #openidconnect #oidc #passkeys

Recording metrics in-process using MeterListener: System.Diagnostics.Metrics APIs - Part 4 In this post I show how you can use MeterListener to listen to Instrument measurements, how to trigger Observable measurements, and how to aggregate values.

Blogged: Recording metrics in-process using MeterListener

andrewlock.net/recording-me...

In this post I show how you can use MeterListener to listen to Instrument measurements, how to trigger Observable measurements, and how to aggregate values

#dotnet #observability

Updated: OpenIddict with Angular and Blazor WASM BFF OpenID Connect Code Flow with PKCE clients and ASP.NET Core APIs

github.com/damienbod/As...

#openiddict #passkeys #openid #oauth #grpc #angular #net10 #dotnet

Add application security to the swiyu generic management verifier APIs using OAuth by @damienbod.com damienbod.com/2026/02/16/a... #aspnetcore

2025 Q4 DDoS threat report: A record-setting 31.4 Tbps attack caps a year of massive DDoS assaults The number of DDoS attacks more than doubled in 2025. The network layer is under particular threat as hyper-volumetric attacks grew 700%.

In case you missed it: the number of DDoS attacks more than doubled in 2025. The network layer is under particular threat as hyper-volumetric attacks grew 700%. blog.cloudflare.com/ddos-threat-...

Add application security to the swiyu generic management verifier APIs using OAuth The article looks at implementing security using OAuth for the swiyu Public Beta Trust Infrastructure generic containers. The container provides endpoint for OpenID verification and the management …

Blogged: Add application security to the swiyu generic management verifier APIs using OAuth

damienbod.com/2026/02/16/a...

#aspnetcore #oauth #swiyu #swiss #openid #yarp #aspire #container #api #iam #security #dotnet

Isolate the swiyu Public Beta management APIs using YARP This post looks at hardening the security for the swiyu public beta infrastructure. The generic containers provide both management APIs and wallet APIs which support the OpenID for Verifiable Prese…

Blogged: Secure the swiyu container using a YARP proxy

damienbod.com/2026/02/09/i...

#swiyu #yarp #aspire #aspnetcore #dotnet #identity #network #oauth #openidconnect #oidc

Creating and consuming metrics with System.Diagnostics.Metrics APIs In this post I provide an introduction to the System.Diagnostics.Metrics API, and show how to create a custom metric and read it with dotnet-coutners

Blogged: Creating and consuming metrics with System.Diagnostics.Metrics APIs

andrewlock.net/creating-and...

In this post I provide an introduction to the System.Diagnostics.Metrics API, show how to create a custom metric, and show how to read it with dotnet-counters

#dotnet

Use client assertions in ASP.NET Core using OpenID Connect, OAuth DPoP and OAuth PAR This post looks at implement client assertions in an ASP.NET Core application OpenID Connect client using OAuth Demonstrating Proof of Possession (DPoP) and OAuth Pushed Authorization Requests (PAR…

Blogged: Use client assertions in ASP.NET Core using OpenID Connect, OAuth DPoP and OAuth PAR

damienbod.com/2026/02/02/u...

#dotnet #aspnetcode #oidc #oauth #par #dpop #identity #duende #aspire #oss #iam #swiyu

February DOTNET Zurich @isolutions, Thu, Feb 5, 2026, 6:00 PM | Meetup **5th February - DotNet Zurich @ Isolutions** *Join us in person at Isolutions!!* This event will happen at Isolutions, The Circle. **Agenda:** * 17:45 Reception open &

Awesome .NET, Swiss Identity event in Zurich on Thursday 5th February

We have a super lineup, great topics and great speakers. It would be great to see you there. All are welcome.

www.meetup.com/dotnet-zuric...

#dotnet #swiss #zurich #iam #identity #iam #mcp #oss #community

GitHub - damienbod/OAuthClientAssertionsPerInstance: Experimental alternative flow for OAuth First-Party Applications Experimental alternative flow for OAuth First-Party Applications - damienbod/OAuthClientAssertionsPerInstance

Updated to .NET 10

Alternative flow for OAuth 2.0 First-Party Applications

github.com/damienbod/OA...

#identity #oauth #oauth2 #native #dotnet #aspnetcore #iam #dpop #duende

Force step up authentication in web applications The post shows how to implement a step up authorization using the OAuth 2.0 Step Up Authentication Challenge Protocol RFC 9470. The application uses ASP.NET Core to implement the API, the web appli…

Blogged: Force step up authentication in web applications

damienbod.com/2026/01/26/f...

#aspnetcore #dotnet #blazor #aspire #identity #oauth #oidc #duende #iam #swiyu #eid

Implementing Level of Identification (LoI) with ASP .NET Core Identity and Duende by @damienbod.com damienbod.com/2026/01/18/i... #aspnetcore

Implementing Level of Identification (LoI) with ASP.NET Core Identity and Duende This article explores how to implement Level of Identification (LOI) in an ASP.NET Core application. The solution uses Duende IdentityServer as the OpenID Connect provider and ASP.NET Core Identity…

Blogged: Implementing Level of Identification (LoI) with ASP.NET Core Identity and Duende

damienbod.com/2026/01/18/i...

#aspnetcore #oauth #openid #dotnet #oidc #iam #swiyu #aspire #oss #identity #eid #swiss #bit #gov #loi #loa #blazor #duende

Set the amr claim when using passkeys authentication in ASP .NET Core by @damienbod.com damienbod.com/2026/01/05/s... #aspnetcore

Encrypting Properties with System.Text.Json and a TypeInfoResolver Modifier (Part 1) - Steve Gordon - Code with Steve In this post we start creating a TypeInfoResolver modifier in System.Text.Json to encrypt and decrypt JSON properties during serialisation.

Blogged: Encrypting Properties with System.Text.Json and a TypeInfoResolver Modifier (Part 1).

In this post we start creating a TypeInfoResolver modifier in System.Text.Json to encrypt and decrypt JSON properties during serialisation.

#dotnet #json

www.stevejgordon.co.uk/encrypting-p...

Implementing Level of Authentication (LoA) with ASP.NET Core Identity and Duende This post shows how to implement an application which requires a user to authenticate using passkeys. The identity provider returns three claims to prove the authentication level (loa), the identit…

Blogged: Implementing Level of Authentication (LoA) with ASP.NET Core Identity and Duende

damienbod.com/2026/01/12/i...

#aspnetcore #dotnet #identity #duende #authentication #loa #passkeys #iam #acr #amr

February DOTNET Zurich @isolutions, Thu, Feb 5, 2026, 6:00 PM | Meetup **5th February - DotNet Zurich @ Isolutions** *Join us in person at Isolutions!!* This event will happen at Isolutions, The Circle. **Agenda:** * 17:45 Reception open &

Cool live event on the 5th Feb 2026, .NET User Group Zürich

Talks:

- How to securely implement MCP with OAuth in .NET
- Swiss Identity in .NET: A Practical Guide to EIAM, aGov, SwissID, Entra ID—and Social Logins

@ isolutions offices: The Circle 388058 Zürich

www.meetup.com/dotnet-zuric...

February DOTNET Zurich @isolutions, Thu, Feb 5, 2026, 6:00 PM | Meetup **5th February - DotNet Zurich @ Isolutions** *Join us in person at Isolutions!!* This event will happen at Isolutions, The Circle. **Agenda:** * 17:45 Reception open &

Cool live event on the 5th Feb 2026, .NET User Group Zürich

Talks:

- How to securely implement MCP with OAuth in .NET
- Swiss Identity in .NET: A Practical Guide to EIAM, aGov, SwissID, Entra ID—and Social Logins

@ isolutions offices: The Circle 388058 Zürich

www.meetup.com/dotnet-zuric...

Set the amr claim when using passkeys authentication in ASP.NET Core The post shows how to set the correct amr value when authenticating using ASP.NET Core Identity and passkeys in .NET 10. When authenticating using OpenID Connect and passkeys authentication, the Op…

Blogged: Set the amr claim when using passkeys authentication in ASP.NET Core

damienbod.com/2026/01/05/s...

#oauth #openid #openidconnect #iam #security #aspnetcore #dotnet #passkeys #fido2 #mfa

Blogged: [HOWTO] Implement Audit Logging in a .NET Core application using Entity Framework Core and Audit.NET

#dotnet #dotnetcore #efcore #auditdotnet #auditing #auditlog #audittrail #traceability

https://damienbod.com/2025/12/20/digital-authentication-and-identity-validation/

Blogged: Digital Authentication and Identity validation

damienbod.com/2025/12/20/d...

#oidc #identity #iam #swiyu #eid #oauth #dpop #openid #security #ecollecting #authentication #loa #loi #vc #oauth2 #swiss #ch #cybersecurity

ASP.NET Core roadmap for .NET 11 · Issue #64787 · dotnet/aspnetcore ASP.NET Core planning for .NET 11 is now in progress! This roadmap is currently just a placeholder. We'll update the roadmap with specific planned features as planning progresses. This issue repres...

#ASPNETCore roadmap for .NET 11 | by Dan Roth

buff.ly/Ohn54FG

#dotnet #webdev #blazor #dotnet11 #apis

The new owasp top ten, the list of items

Big news in #AppSec: the #OWASP Top 10 2025 is now available! I'm part of the project team and ALL OF US want every dev, security engineer, and leader to read it (please).

https://twp.ai/E6ClNO

1/5

Blogged: [Headache Prevention] Workaround for the error "Could not authenticate user with requested resource" when accessing the Aspire dashboard

#azure #dotnet #aspire #dashboard

Trying out the Zed editor on Windows for .NET and Markdown In this post I try out Zed on Windows to see if it can replace my VS Code usages for quick edits of .NET projects and writing Markdown documents

Blogged: Trying out the Zed editor on Windows for .NET and Markdown

andrewlock.net/trying-out-t...

In this post I try out Zed on Windows to see if it can replace my VS Code usages for quick edits of .NET projects and writing Markdown documents.

#dotnet

How to Configure InternalsVisibleTo in the *.csproj File - Improve & Repeat None

How to Configure InternalsVisibleTo in the *.csproj File - #dotNet

improveandrepeat.com/2025/12/how-...

Kind of scary when you think about it: nesbitt.io/2025/12/06/g...

GitHub - damienbod/bff-aspnetcore-vuejs: Backend for frontend security using Vue.js Typescript, Vite, ASP.NET Core backend and Microsoft Entra ID Backend for frontend security using Vue.js Typescript, Vite, ASP.NET Core backend and Microsoft Entra ID - damienbod/bff-aspnetcore-vuejs

Updated .NET 10

Backend for frontend security using Vue.js Typescript, Vite, ASP.NET Core backend and Microsoft Entra ID

github.com/damienbod/bf...

#vuejs #aspnetcore #dotnet #vite #entraid #eid #net10 #typescript

GitHub - damienbod/bff-auth0-aspnetcore-angular: Auth0 Backend for frontend security using Angular CLI and ASP.NET Core backend Auth0 Backend for frontend security using Angular CLI and ASP.NET Core backend - damienbod/bff-auth0-aspnetcore-angular

Updated .NET 10 and Angular 21

Auth0 backend for frontend security using Angular CLI and ASP.NET Core backend

github.com/damienbod/bf...

#aspnetcore #dotnet #auth0 #angular #csp #security #bff