Please turn JavaScript on
Find more feeds
Duende Software Official Site icon

Duende Software Official Site

Want to keep yourself up to date with the latest news from Duende Software Official Site?

Subscribe using the "Follow" button below and we provide you with customized updates, via topic or tag, that get delivered to your email address, your smartphone or on your dedicated news page on follow.it.

You can unsubscribe at any time painlessly.

Title of Duende Software Official Site: "Duende Software - Identity and Access Management for .NET"

Is this your feed? Claim it!

Publisher:  Unclaimed!
Message frequency:  0.34 / day

Message History

The field Keyword in C# 14: Write Less, Validate More

You need a property that validates its input. In C# 13 and earlier, that means writing a private backing field, a get accessor that returns it, and a set accessor that validates the value before storing it. Three moving parts for one property:

public class Greeting { private string _msg = "Hello"; public string Message { get => _msg; set => _msg = value ?? thr...

Read full story
The Real Cost of Build vs. Buy for Identity

Imagine a development team starting to build their own auth system from scratch. Talented developers, clean architecture, all the right OAuth 2.0 flows. When they succeed, they are proud of it, and they should be, because it works.

Months later, three sprints deep into adding SAML for a single enterprise customer. Their best Auth engineer had just given two weeks' noti...


Read full story
OAuth 2.1 Made Simple: The Only Flows You Need

Back in 2019, Dominick Baier, Duende Cofounder and Security subject-matter expert, wrote a prophetic post called "Two is the Magic Number", a riff on De La Soul's "Three is the Magic Number", arguing that you only needed two OAuth flows to cover every real-world scenario. At ...


Read full story
Beyond localhost: Multi-Instance ASP.NET Core Deployment with .NET 10

Everything works great on your machine. One instance, one process, one set of keys in memory. Then you scale to two instances, maybe a Kubernetes deployment rolling out replicas, maybe an IIS web farm, and suddenly users are getting logged out mid-session, anti-forgery tokens stop validating, and cached data is inconsistent depending on which server answers the request. Help!...


Read full story
Harden Your .NET JSON Deserialization with System.Text.Json and JsonSerializerOptions.Strict

Consider the following JSON payload hitting your API:

{"Amount": 100, "Amount": -999}

Two properties with the same name. RFC 8259 Section 4 says object names "SHOULD be unique," and warns that parser behavior is unpredictable when they aren't. System.Text....


Read full story