Refreshing Access Tokens in ASP.NET Core

Client Credential Flow Client acquires Access Token from Authorization Server using ClientId Client Secret Audience GrantType Client sends Access Token to Resource Server Resource Server retrieves jwks.json ASP.NET Core takes care of caching the jwks.json. So only the first API request will be slow. Resource Server validates JWT Signature Resource Server checks expiration, permissions and so on Client receives Protected Resources Setup Auth0 for Machine-to-Machine Authentication https://auth0. [Read More]

Dependency Injection

Explained

A long time ago, I answered several questions on Stackoverflow about Dependency Injection. To get my blog started, I thought to reuse my given answers in this blog post. DIP means that you program against an abstraction. You invert the kind of a dependency from an implementation to an abstraction. IOC means that somebody else is responsible for getting the implementation for the given abstraction. Normally the consumer would use the new keyword to get a dependency. [Read More]