ASP.NET Identity 2 Fundamentals

ASP.NET Identity 2 is the most recent user management library from the ASP.NET team. This course will teach you the basics of claims-based identity, how the ASP.NET Identity library works, and how to integrate the library with an ASP.NET application.
Course info
Rating
(97)
Level
Intermediate
Updated
Apr 13, 2017
Duration
2h 28m
Table of contents
Course Overview
Introduction to ASP.NET Identity and Claims Based Identity
Implementing ASP.NET Identity
Extending ASP.NET Identity
Adhering to Security Best Practices
Separating Concerns Advanced Topics
Description
Course info
Rating
(97)
Level
Intermediate
Updated
Apr 13, 2017
Duration
2h 28m
Description

ASP.NET Identity is the latest user management library from the ASP.NET team, replacing the ASP.NET Membership and Simple Membership libraries. In this course, ASP.NET Identity 2 Fundamentals, you'll learn everything you need to get started with the ASP.NET Identity library. First, you'll explore the best practices. Next, you'll discover security considerations. Finally, you'll learn how to integrate the library with modern ASP.NET MVC web applications. When you are finished with this course, you'll be armed with the knowledge to implement ASP.NET Identity in your own web application, creating a robust user store that integrates with modern security libraries.

About the author
About the author

Scott Brady is a software developer specializing in identity and access management. Focusing on ASP.NET, Scott has increasingly found himself in undocumented territory, piecing together the facts and attempting to pass them on so that others don't have to go through the same.

More from the author
Getting Started with OAuth 2.0
Intermediate
1h 43m
Sep 14, 2018
ASP.NET Core Identity Deep Dive
Intermediate
2h 31m
Mar 9, 2018
Section Introduction Transcripts
Section Introduction Transcripts

Course Overview
Hi everyone. My name is Scott Brady and welcome to my course ASP. NET Identity 2 Fundamentals. I am a senior software developer at Rock Solid Knowledge, the European commercial partners of the Identity Server open source project. ASP. NET Identity is a modern user management library for ASP. NET, replacing the previous ASP. NET membership and simple membership libraries. And it offers a wide range of functionality along with integration with modern security frameworks. Some of the major topics that we will cover include two-factor authentication, password reset, external authentication, and security best practices. By the end of this course you will be able to integrate ASP. NET Identity with an existing ASP. NET MVC application. Before beginning this course, you should be familiar with creating ASP. NET MVC web applications. I hope you'll join me on this journey to learn ASP. NET Identity with the ASP. NET Identity 2 Fundamentals course on Pluralsight.

Introduction to ASP.NET Identity and Claims Based Identity
Hi, my name is Scott Brady and welcome to the ASP. NET Identity 2 Fundamentals course and this introductory module, Introduction to ASP. NET Identity and Claims Based Identity. In this course we will look at the ASP. NET Identity library and how it helps solve many of the problems we face when creating a user store for our applications. We'll initially do this with the library's out of the box APIs and then look at how can extend it to meet business requirements and implementation scenarios. As we do this, we will also dispel some of the myths that plague the library, hopefully leaving you with a better appreciation for what the library is intended for and when best to use it. In this introductory module we will cover the initial question of what is ASP. NET Identity and what can it do for me? Here we will also look at the basics of claims based identity, a concept that is at the core of ASP. NET Identity. We'll then move on to something equally important and that's what ASP. NET Identity is not. Looking at some common misconceptions about the library and how the library can be misused. We will also look at past user stores from Microsoft that you may have used before and we will discuss why ASP. NET Identity is now the recommended solution, and finally we will take a quick look at some code and what the APIs will look like when you are developing your application or library.

Implementing ASP.NET Identity
Hi, my name is Scott Brady and welcome to the Implementing ASP. NET Identity module of the ASP. NET Identity 2 Fundamentals course on Pluralsight. In this module we will be looking at the internals of the ASP. NET Identity library and how it all fits together. We'll do this by taking a deep dive into the source code of the library, it's architecture and how it affects us as implementers when using the library. After that we'll take a look at the default Entity Framework implementation that works with most popular relational databases and most common use cases. These defaults are an excellent place to get started with the library if you are new to the concept of identity. Then we'll take a look at the OWIN Helper library, available as part of the ASP. NET Identity library and how it can help us integrate with modern security libraries. And finally, we'll walk through implementing ASP. NET Identity as our identity store within an ASP. NET MVC application. This will take you from zero to hero, at the end of which you will be able to register and authenticate users based on identity data taken from ASP. NET Identity. A quick warning before we begin, if you are not interested in the internals of the ASP. NET Identity library, but just want to get started implementing it within your application using Entity Framework defaults, then I recommend you skip the IUser, IUserStore and UserManager section of this module, instead advancing directly onto the Entity Framework default section once you complete the initial architecture section.

Extending ASP.NET Identity
Hi and welcome to the Extending ASP. NET Identity module of the ASP. NET Identity 2 Fundamentals course on Pluralsight. In this module we're going to look at how we can extend the default schema found in the ASP. NET Identity Entity Framework library by adding extra tables and indexable properties. Then we will look at how to enable two factor authentication and password reset functionality within ASP. NET Identity using the available hooks for email and SMS providers and both default and custom token providers.

Adhering to Security Best Practices
Hi and welcome to the Adhering to Security Best Practices module of the ASP. NET Identity 2 Fundamentals course on Pluralsight. In this module we are going to focus on the security policy aspects of the ASP. NET Identity library, including user and password validation and how we can configure the default implementations of these. We're also going to look at user lockout functionality for basic protection against brute force attacks. The out of the box password hashing implementation and finally the OWIN based security stamp validation for automatic user sign out.

Separating Concerns Advanced Topics
Welcome to the final module of the ASP. NET Identity 2 Fundamentals course. This time we're going to be talking about separating concerns. In this module we're going to talk about how to implement proper dependency injection using a DI container that is external from the OWIN pipeline and cleaning up our code in the process. Then we're going to take a look at some useful design patterns that we can apply to the ASP. NET Identity library to achieve specific functionality, and finally we're going to look at how to move away from the OWIN pipeline completely and what we need to change in order to use a different security library and cookie handling.