Duende Software's legendary training on Identity and Access Management was originally created by Dominick Baier and Brock Allen. With their world-class knowledge, they’ve created a workshop focused on the essential concepts and how they interact. Based on the experience from decades of consulting for hundreds of customers, the workshop is packed with content relevant for real-world modern systems.
Modern application design is more complex than it was a decade or two ago. A modern application is expected to be mobile-first and cloud-based. Microsoft’s answer to these demands was to create ASP.NET Core. A decade later, ASP.NET Core has matured into a trusted development platform covering all components needed in a modern application architecture.
Multi-platform, microservices, multi-client, and highly-mobile users bring a set of challenges that were not present a decade ago. A modern application cannot be secured just by handling access control in the single UI of the application, because there is no longer any single UI. There are web applications, mobile apps and APIs that are exposed to partners and third-party developers. Internally, an application often consists of multiple microservices calling each other. These services are also frequently reused between different applications and externally visible APIs.
To properly secure this landscape, a zero-trust approach is required: there should be verifiable proof of the end user's (or end machine's) identity for every user session that is established and for every API call that is made.

Goals
This workshop is your chance to dive into all these security-related technologies. Learn how to securely connect native and browser-based applications to your back-ends and integrate them with enterprise identity management systems as well as social identity providers and services.
After attending this workshop you will have a good understanding of the concepts and will be ready to start implementing a modern identity and access management solution tailored to your organization’s needs.
You will learn:
- The ASP.NET Core Authentication and Authorization System Design Principles.
- How to use external authentication and offer single sign-on and single logout.
- How to securely call APIs on behalf of the authenticated user.
- The principles of the OpenID Connect and OAuth 2.0 Protocols.
- What advanced concepts are available for high-security environments, multi-tenant SaaS offerings, etc.
- How to configure, customize, and deploy Duende IdentityServer.
Two or Three Days of Lectures, Demos and Labs
The full workshop is three days long, so that we can cover all the topics in depth. We also offer the first two days at select conferences (where the workshops are only two days).
Each workshop block starts with lectures explaining the concepts, mixed with extensive live demos and live coding that show how to set up working solutions. At the end of each block, detailed step-by-step labs offer an excellent chance to try it out yourself.
Technologies covered
.NET, ASP.NET Core, MVC, Web APIs, Claims, Authentication, Authorization, OpenID Connect, OAuth 2.0, JSON Web Tokens, Single Sign-on and Single Sign-out, Federation, Home Realm Discovery, Single Page Applications (SPA), Backend for Frontend Pattern (BFF), Mobile/Native Client Applications, Machine-to-Machine API calls, Token Lifetimes and Management, API/Resource Design, Resource Isolation, Token Exchange, Impersonation, Delegation, mTLS, DPoP, Pushed Authorization Requests (PAR), CIBA, Device Code Flow.
1 Authentication
- ASP.NET Core Fundamentals
  - Claims
  - Authentication
  - Cookie-Based Sessions
  - Data Protection
  - Authorization
  - Tokens
- External Authentication in ASP.NET Core
  - Identities and Identifiers
  - Account and Identity Linking
  - External Login Callback Pattern
2 OIDC & OAuth 2.0
- OpenID Connect
  - Clients
  - Scopes
  - Web Application Patterns
  - Single Sign-On / Single Sign-Off
  - Claims Transformation
  - Federation Gateway
  - Home Realm Discovery
- Protecting APIs with OAuth 2.0
  - Machine-to-Machine
  - Interactive Applications
  - Authorization Code Flow
  - Proof Key for Code Exchange (PKCE)
  - Token Lifetime Management & Refresh Tokens
- Client Application Types
  - Server-Side Web Apps
  - Single Page Applications
  - Backend-for-Frontend (BFF) Pattern
  - Mobile/Native Apps
3 Advanced
- Advanced OAuth 2.0
  - Resource Design
  - Parameterized Scopes
  - Resource Isolation
  - Token Exchange: Impersonation/Delegation
  - High-Security Overview: DPoP, mTLS, PAR and FAPI
  - Client-Initiated Backchannel Authentication (CIBA)
  - Device Code Flow
  - Pushed Authorization Requests (PAR)
- Duende IdentityServer
  - Architecture
  - UI Customizations
  - Extensibility
  - Deployment
  - Multi-Tenancy
Sign up for one of our scheduled trainings or book your own custom delivery.