Want to download the mobile app for SDD 2017?

iPhone and Android users click here: https://attendify.com/app/xbhfom/
Windows Phone users click here: http://xbhfom.m.attendify.com/

SDD 2017 Schedule

Coding Level
This is a rating on a scale from 1 to 5 to indicate how much demo coding the session will contain (as opposed to slides) – 1 means no code demos, and 5 means nothing but.

Advanced Level
This is a rating on a scale from 1 to 5 to indicate how advanced the session is (in terms of the specific topic that is being covered) – 1 means that it’s introductory, and 5 means that it’s aimed at attendees who already have significant experience in the relevant area.

Tuesday 16 May 2017



Track 5

Auditorium 1

Implementing authorization in web applications and APIs

Coding Level 3
Advanced Level 3

Authentication is easy – authorization is the hard part. This might sound daunting, but since every application is different, there is no single recipe for how authorization has to work. Dominick walks you through a couple of approaches and pitfalls and uses the new ASP.NET Core authorization API (which has been back-ported to standard .NET) as an example of a decent abstraction layer for clean authorization for your applications. But we will also learn that that regardless of your approach, there is no one size that fits all – that’s why it important to understand your options.

Dominick Baier

Dominick Baier


Dominick is an independent consultant specializing in identity and access control. He helps companies around the world designing and implementing authentication and authorization for their distributed web and native applications. He’s co-author of the popular OpenID Connect & OAuth 2.0 framework called IdentityServer (http://identityserver.io), has written a couple of books, blogs at http://leastprivilege.com and tweets as @leastprivilege.

Other presentations by Dominick Baier

Brock Allen

Brock Allen


Brock is an independent consultant with 20 years of industry experience, specialising in web development and web-based security. He’s a contributor to many open source projects including IdentityServer, IdentityManager, IdentityModel, and MembershipReboot. He frequently posts to the ASP.NET forums, is an MVP for ASP.NET/IIS, a member of ASPInsiders, and a contributor to the ASP.NET platform. http://brockallen.com  @BrockLAllen

Other presentations by Brock Allen

Mon 15 May 2017 at 9:30

Pre-Conference Workshop

Identity & Access Control for ASP.NET Core Applications and APIs

Wed 17 May 2017 at 9:30

Track 5

Introduction to ASP.NET Identity 3

Wed 17 May 2017 at 11:30

Track 5

Advanced ASP.NET Identity 3

Return to full conference agenda