Modern applications require modern security and the OpenID Connect and OAuth2 security protocols are designed to meet this need. To achieve a modern security architecture you must then use something called a “security token service” that implements these protocols. In this session we will look at how applications are now architected to incorporate and use a token service for authentication thus providing single sign-on. We will also see how this same token service also provides tokens for securing Web APIs.
Currently Brock is an independent consultant specializing in .NET, web development, and web-based security with 20 years of industry experience.Brock is the co-author of many security related open source frameworks including IdentityServer, IdentityManager, and MembershipReboot. He also frequently posts to the ASP.NET (http://asp.net/) forums, is a MVP for ASP.NET/IIS (http://asp.net/IIS), a member of ASPInsiders and a contributor to the ASP.NET (http://asp.net/) platform.