Securing Microservices in ASP.NET Core

By Kevin Dockx
This course will teach you how to secure your ASP.NET Core microservices using a variety of best practice patterns for authentication and authorization.
Get started
Play course overview
Course info
Rating
(57)
Level
Advanced
Updated
Nov 30, 2020
Duration
3h 36m
Table of contents
Course Overview
Course Overview 1m
Securing Your First Microservice
Coming Up 1m Course Prerequisites 1m Frameworks and Tooling 1m Inspecting the GloboTicket Demo Application 3m Demo - Getting Started with the Globoticket Demo Application 3m Token-based Security for Microservices 7m Demo - Inspecting an Identity Service 6m Accessing a Microservice on Behalf of the Client Application 2m Demo - Blocking Access to a Microservice 4m Demo - Accessing a Microservice on Behalf of the Client Application 9m Using the Identity Microservice to Log In 2m Demo - Using the Identity Microservice to Log In 12m Demo - Logging Out 3m Accessing a Microservice on Behalf of the User 1m Demo - Accessing a Microservice on Behalf of the User 6m Summary 2m
Improving Your Security with Service to Service and Token Exchange Patterns
Coming Up 1m The Problems with “One Token to Rule Them All” 3m Demo - Tightening Access with One Audience per Microservice 5m Comparing Security Scenarios 3m Authorization with Scopes Inside of a Microservice 1m Demo - Authorization with Scopes Inside of a Microservice 5m Downstream Service to Service Communication on Behalf of the Client 2m Supporting Token Exchange 3m Demo - Adding Support for the Token Exchange Grant 6m Demo - Service to Service Communication on Behalf of the User 7m Further Improvements 2m Summary 1m
Implementing Security with API Gateway and BFF Patterns
Coming Up 1m Exploring the API Gateway 2m A Common API Gateway Security Pattern 2m Introducing Ocelot 3m Demo - Adding Ocelot 7m Demo - Integrating Ocelot with Our Identity Service 6m Passing User Information to a Microservice 2m Demo - Passing User Information to a Microservice 6m The Backend-for-frontend Pattern 2m Summary 2m
Improving the API Gateway Pattern
Coming Up 0m Improving the API Gateway Pattern (Part 1) 4m Demo - Making Microservices Responsible for Validating Incoming Tokens 5m Demo - Configuring the Gateway for Scope-based Microservice Access Authorization 8m Improving the API Gateway Pattern (Part 2) 2m Demo - Making the Gateway Responsible for Exchanging Tokens 11m Summary 1m
Enabling Long-lived Access and Token Stores
Coming Up 1m Learning About Token Expiration 3m Demo - Refreshing Tokens with IdentityModel.AspNetCore 4m Refreshing and Storing Tokens When Flows Are Not Initiated by the User 2m Demo - Adding Token Store Support for Custom Flows 6m Summary 1m
Securing Async Service Communication
Coming Up 1m Approaches to Service Bus Security 3m Introducing the Upcoming Demos 1m Demo - Requesting a Token 5m Demo - Sending and Validating a Token 11m Dealing with Token Expiration 3m Demo - Dealing with Token Expiration 4m Choosing the Right Security Approach for Your Use Case 3m Summary 2m
Description
Course info
Rating
(57)
Level
Advanced
Updated
Nov 30, 2020
Duration
3h 36m
Your 10-day individual free trial includes:

Expert-led courses

Keep up with the pace of change with thousands of expert-led, in-depth courses.
Start a 10-day free trial
Description

Authentication and authorization are two very important aspects of a secure microservices architecture. In this course, Securing Microservices in ASP.NET Core, you'll learn how to secure your microservices using a variety of best practice techniques for authentication and authorization. You'll learn how to work with an identity microservice, how to apply security with and without an API gateway, and how to improve upon the default security approach to reach a best-of-class implementation. By the end of this course you'll be comfortable implementing best-practice security techniques in microservices architectures.

About the author
Kevin Dockx
About the author

Kevin Dockx is a freelance solution architect (mobile/web), author & consultant, living in Antwerp (Belgium).

More from the author
Building a Consistent RESTful API with OData V4 in ASP.NET Core
Beginner
3h 44m
Jun 25, 2021
Consuming an OData v4 API
Beginner
1h 12m
Jun 25, 2021
Using HttpClient to Consume APIs in .NET
Intermediate
3h 26m
Jun 1, 2021
More courses by Kevin Dockx
Section Introduction Transcripts
Section Introduction Transcripts

Course Overview
Hi everyone, my name is Kevin. Welcome to my course, Securing Microservices in ASP.NET Core. I'm a Microsoft MVP and freelance solution architect, currently focused on security and building APIs. In this course, we're going to learn how to secure a microservices architecture in ASP.NET Core. Various approaches for this exist, each with their own set of advantages and disadvantages. Some of the major topics that we will cover include securely accessing microservices on behalf of the client app and on behalf of the user, token exchange and downstream service‑to‑service communication, working with an API gateway, and securing async service bus communication. By the end of this course, you'll know how to secure your microservices architectures from a simple approach right up to a best‑of‑class implementation. Before beginning the course, you should be familiar with building microservices with ASP.NET Core and C#. I hope you'll join me on this journey to learn how to secure microservices with the Securing Microservices in ASP.NET Core course at Pluralsight.

You're the smartest person in the room

PROVE IT

Your team won't just close the skills gap

THEY'LL HURDLE IT

Course info
Rating
(57)
Level
Advanced
Updated
Nov 30, 2020
Duration
3h 36m
Pluralsight IQ
Know exactly where everyone on your team stands with assessments and analytics.
Try our full library including this course free for your whole team for 14-days.