End-to-End Secure Web Development with .NET Aspire, JavaScript, E-ID

Hello Berner .NET friends

The e-ID was approved by a narrow majority in the referendum. Let's take this opportunity to look at security and the integration of e-ID into our applications. Marc and Damien will give us some insights.

Abstract
End-to-End Secure Web Development with .NET Aspire, JavaScript Frameworks, and DevSecOps
In this session, we look at the critical techniques for securing web applications, leveraging the power of .NET and modern JavaScript frameworks. Attendees will gain insights into implementing robust authentication and authorization mechanisms, adhering to industry standards such as OAuth and OpenID Connect. Additionally, we will explore strategies for session protection, emphasizing a zero-trust approach to ensure comprehensive security and DevOps SAST using Sonar. Join us to learn best practices and practical solutions for safeguarding your web applications against evolving threats.

Integrating E-ID (swiyu) using ASPNET Core and Aspire
In this session, we look at integrating the Swiss E-ID (swiyu) into an ASP.NET Core web application and Aspire. The E-ID can be used for identity validation, basic authentication or onboarding new users into solutions. This talk gives a technical overview of what can be done with the E-ID and how to use this in your solutions.

About Damien and Marc
Damien is a web developer, architect and a Microsoft MVP for Visual Studio Development Technologies, Sonar Navigator who loves to learn. He contributes regularly to open-source projects on GitHub and Microsoft ASP.NET Core docs. He runs a very popular blog which focuses on ASP.NET Core, application security, Entra and Angular.

Marc is a passionate software engineer, living in Switzerland and interested in DevOps, DevSecOps, application security, web development and Azure. My favourite tools, technologies and standards are GitHub, Azure DevOps, ASP.NET Core, Git, Terraform, PowerShell, OIDC, SQL, EF Core, REST.