Bullseye 6.0.0 is out now! Thanks to Yauhen Pyl for contributing to this release. nuget.org/packages/Bulls…

Secure your #VueJS apps with OpenID Connect & the BFF pattern! 🔒 We’ll look at the basic architecture of a BFF solution, the responsibilities of each component, and how it all fits together. duende.link/eshdrq4 #Security #OAuth2 #OpenIDConnect #dotnet

Kicking off our Open Source Sponsorship program this quarter, where our developers picked a project we'll sponsor for 12 months: 🙌 Shouldly Assertion Framework We're using it ourselves, and here's why you may want to: duende.link/w4whryh #dotnet #testing

Authorization Policy TagHelpers for ASP .NET Core Razor Views Let's create an AuthorizationPolicyTagHelper to build nicer Razor Pages views where the content depends on the ClaimsPrincipal and authorization policy. 🔐 duende.link/2wywy44 #aspnetcore #dotnet #security

Secure machine-to-machine communication? In this video, Roland walks you through the #oauth2 Client Credentials flow. It's relatively straightforward, and a great way to get introduced to OAuth. 📺 youtu.be/_ncPlNlcavo #oauth2 #identityserver #accesstoken #dotnet #security

What if tomorrow’s code could live in the same place as today’s code? What if it all looked the same? What if we could scale it all the same way? In this video, Adam Ralph will show you how to embrace the future in the code we write now buff.ly/vC4XAdG

Introducing the Duende Developer Community (and a new documentation site!) 🏘️ Community: connect with peers around #identityserver, #bff, #oidc, and more! 📝 New docs: fresh design, new topics, dark mode, ... Learn more on our blog 👉 duende.link/1uiro2d #dotnet #security

Managing OpenAPI Specifications with Backend For Frontend and Swagger UI 📚 We'll briefly recap the BFF pattern, and then dive into a sample & learn how to reveal your OpenAPI specifications securely. duende.link/73hbw12 #dotnet #security #bff #openapi #aspnetcore

In recent weeks, some of our customers reported performance degradations. You won't believe what happened next 😱 Clickbait aside, #efcore, SqlClient, and transient retries don't always go well together. More on our blog! duende.link/1khti3w #dotnet #identityserver #azure

IdentityServer can use OpenTelemetry and share metrics, traces, and logs to help monitor and troubleshoot applications. In this post, we'll see how to surface this data in the .NET Aspire dashboard! 🧐 duende.link/xa5p1r3 #dotnet #aspire #identityserver #otel

What are key moments in the OAuth and OpenID Connect timeline? In this article, we look back at the past 15 years to explore how the IETF and OpenID Foundation have set standards that shaped OAuth and OpenID Connect today. duende.link/q39aegk #dotnet #security #ietf #oidc

Monitoring IdentityServer License Usage with #aspnetcore Health Checks 🔍 🤔 How to create custom health checks 👍 Registering them 💡 Example health checks for IdentityServer Find out in this blog post! duende.link/hi7fw5q #dotnet #identity

As a tech lead, how can you help get things right with distributed systems? Find out in the LEAD Podcast with Adam Ralph, René van Osnabrugge, and Geert van der Cruijsen, live at Techorama app.springcast.fm/19539/a-messag…

Terms like "client" in OpenID Connect and OAuth 2.0 are clear for security folks, but non-technical people are sometimes confused. In this post, let's clarify what a "client" means in application security. duende.link/m8tyde4 #dotnet #security #identity

The #dotnet 8.0.17 upgrade fixed validation of forwarded headers and proxy server configuration in load balanced scenarios. Great! Or not 🤔 This patch may affect your #aspnetcore app. 😱 Check our blog post for background and fix: duende.link/0mgnet8

Writing code was never the bottleneck in software engineering. LLMs made it cheaper to write, not easier to understand, review, or maintain. That’s still the bottleneck. Let’s not pretend it isn’t.

Add an extra layer of security to critical user actions! 🛡️ Learn how to implement Step Up challenges in your #aspnetcore apps with Duende #IdentityServer to enhance user verification and re-confirm identity for some activities. duende.link/qthej2r #dotnet #security #oidc

Great post by Pedro Tavareλ ordep.dev/posts/writing-…

Great post!

Fresh post on external providers in #aspnetcore We cover initial setup, the connection between external and cookie authentication, and discusses why alternatives might be better for production apps. duende.link/q24tubs #security #identity #dotnet