{"id":15410740,"url":"https://github.com/damienbod/aspnetcoremeidcae","last_synced_at":"2025-04-19T09:46:00.798Z","repository":{"id":37981906,"uuid":"476300001","full_name":"damienbod/AspNetCoreMeIDCAE","owner":"damienbod","description":"Microsoft Entra ID Continuous Access in an ASP.NET Core Razor Page, Blazor app using a Web API","archived":false,"fork":false,"pushed_at":"2024-01-14T11:42:10.000Z","size":1400,"stargazers_count":15,"open_issues_count":2,"forks_count":3,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-03-29T07:03:46.697Z","etag":null,"topics":["aad","azuread","blazor","cae","continuousaccess","dotnet","microsoftidentity","oauth","oidc","razoraspnetcore"],"latest_commit_sha":null,"homepage":"https://damienbod.com/2022/04/20/implement-azure-ad-continuous-access-evaluation-in-an-asp-net-core-razor-page-app-using-a-web-api/","language":"C#","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/damienbod.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-03-31T12:40:19.000Z","updated_at":"2024-01-15T09:59:04.000Z","dependencies_parsed_at":"2022-07-12T00:03:00.680Z","dependency_job_id":"2314d060-dbee-4aca-9b44-fd1d3b4afc37","html_url":"https://github.com/damienbod/AspNetCoreMeIDCAE","commit_stats":{"total_commits":168,"total_committers":1,"mean_commits":168.0,"dds":0.0,"last_synced_commit":"fc737794f1c9a150e7ac5b861726c03fee85200e"},"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/damienbod%2FAspNetCoreMeIDCAE","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/damienbod%2FAspNetCoreMeIDCAE/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/damienbod%2FAspNetCoreMeIDCAE/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/damienbod%2FAspNetCoreMeIDCAE/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/damienbod","download_url":"https://codeload.github.com/damienbod/AspNetCoreMeIDCAE/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":249191391,"owners_count":21227555,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aad","azuread","blazor","cae","continuousaccess","dotnet","microsoftidentity","oauth","oidc","razoraspnetcore"],"created_at":"2024-10-01T16:46:07.961Z","updated_at":"2025-04-16T03:34:18.001Z","avatar_url":"https://github.com/damienbod.png","language":"C#","funding_links":[],"categories":[],"sub_categories":[],"readme":"[![.NET](https://github.com/damienbod/AspNetCoreAzureADCAE/actions/workflows/dotnet.yml/badge.svg)](https://github.com/damienbod/AspNetCoreAzureADCAE/actions/workflows/dotnet.yml)\n\n# Razor, Blazor Page Microsoft Entra ID  Continuous Access\n\n[Implement Microsoft Entra ID  Continuous Access in an ASP.NET Core Razor Page app using a Web API](https://damienbod.com/2022/04/20/implement-azure-ad-continuous-access-evaluation-in-an-asp-net-core-razor-page-app-using-a-web-api/)\n\n[Implement Microsoft Entra ID  Continuous Access (CA) step up with ASP.NET Core Blazor using a Web API](https://damienbod.com/2022/05/23/implement-azure-ad-continuous-access-evaluation-cae-step-up-with-asp-net-core-blazor-using-a-web-api/)\n\n[Implement Microsoft Entra ID  Continuous Access (CA) standalone with Blazor ASP.NET Core](https://damienbod.com/2022/05/30/implement-azure-ad-continuous-access-evaluation-cae-standalone-with-blazor-asp-net-core/)\n\n[Force MFA in Blazor using Microsoft Entra ID and Continuous Access](https://damienbod.com/2022/06/13/force-mfa-in-blazor-using-azure-ad-and-continuous-access/)\n\n[Force phishing resistant authentication in an ASP.NET Core application using Microsoft Entra ID ](https://damienbod.com/2022/10/10/force-phishing-resistant-authentication-in-an-asp-net-core-application-using-azure-ad/)\n\n# History \n\n- 2024-01-14 Updated packages, improved security headers\n- 2023-11-04 Updated packages, fixed security headers\n- 2023-08-06 Updated packages\n- 2023-04-29 Updated packages, some style fixes\n- 2023-02-19 Updated to .NET 7\n- 2022-10-09 Updated packages\n- 2022-09-11 Updated packages\n- 2022-06-13 Force MFA authn from an APP\n- 2022-05-23 Improve code in Blazor applications\n- 2022-05-20 Add standalone samples\n- 2022-05-13 Add CAE Blazor example\n- 2022-05-08 Update packages\n- 2022-04-16 Update packages\n- 2022-04-05 Added CAE admin tool using Microsoft Graph\n- 2022-04-03 initial version\n\n## Azure app registration manifest access token\n\n```json\n\"optionalClaims\": {\n\t\"idToken\": [],\n\t\"accessToken\": [\n\t\t{\n\t\t\t\"name\": \"xms_cc\",\n\t\t\t\"source\": null,\n\t\t\t\"essential\": false,\n\t\t\t\"additionalProperties\": []\n\t\t}\n\t],\n\t\"saml2Token\": []\n},\n```\n\n## Azure app registration manifest id_token\n\n```json\n\"optionalClaims\": {\n\t\"idToken\": [\n\t\t{\n\t\t\t\"name\": \"xms_cc\",\n\t\t\t\"source\": null,\n\t\t\t\"essential\": false,\n\t\t\t\"additionalProperties\": []\n\t\t}\n\t],\n\t\"accessToken\": [],\n\t\"saml2Token\": []\n},\n```\n\n## Claims challenge returned from the API\n\n```json\n{\"access_token\":{\"acrs\":{\"essential\":true,\"value\":\"c1\"}}}\n```\n\n## Access token\n\n```csharp\n{\n  \"aud\": \"7c839e15-096b-4abb-a869-df9e6b34027c\",\n  \"iss\": \"https://login.microsoftonline.com/5698af84-5720-4ff0-bdc3-9d9195314244/v2.0\",\n  \"iat\": 1648841224,\n  \"nbf\": 1648841224,\n  \"exp\": 1648845383,\n  \"acrs\": [\n    \"c1\"\n  ],\n  \"azp\": \"7c839e15-096b-4abb-a869-df9e6b34027c\",\n  \"azpacr\": \"1\",\n  \"ver\": \"2.0\",\n  \"xms_cc\": [\n    \"cp1\"\n  ],\n  // plus more claims\n}\n```\n\n## Links\n\nhttps://github.com/Azure-Samples/ms-identity-ca-auth-context\n\nhttps://github.com/Azure-Samples/ms-identity-dotnetcore-ca-auth-context-app\n\nhttps://docs.microsoft.com/en-us/azure/active-directory/conditional-access/overview\n\nhttps://github.com/Azure-Samples/ms-identity-dotnetcore-daemon-graph-cae\n\nhttps://docs.microsoft.com/en-us/azure/active-directory/develop/developer-guide-conditional-access-authentication-context\n\nhttps://docs.microsoft.com/en-us/azure/active-directory/develop/claims-challenge\n\nhttps://docs.microsoft.com/en-us/azure/active-directory/develop/v2-conditional-access-dev-guide\n\nhttps://www.youtube.com/watch?v=_iO7CfoktTY\n\nhttps://docs.microsoft.com/en-us/azure/active-directory/conditional-access/concept-continuous-access-evaluation\n\nhttps://openid.net/wg/sse/\n\nhttps://github.com/damienbod/Blazor.BFF.AzureAD.Template\n\nhttps://github.com/AzureAD/microsoft-identity-web\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdamienbod%2Faspnetcoremeidcae","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdamienbod%2Faspnetcoremeidcae","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdamienbod%2Faspnetcoremeidcae/lists"}