Azure app configuration with no secrets using Azure managed identity

by Karl Solgård
azure identity

Some applications have secrets. Sometimes secrets lie in the app settings. If these gets in the hands of someone evil, it could have dire consequences. We don't want to deal with these app settings at all! That's where TokenCredentials and managed identity comes in!…

Supporting multiple valid issuers in identity server with JWT tokens

by Karl Solgård
dotnetcore identity

Changes in software are inevitable. Every part - even the most permanent - of a system might change at some point. The issuers of JWT tokens in your identity server is an example of such a part. When we look at an openid configuration one can find various information about…