EntityFramework.Docs icon indicating copy to clipboard operation
EntityFramework.Docs copied to clipboard
verified publisher icon dotnet

SFI: recommend secure authentication flow

Open Rick-Anderson opened this issue 1 year ago • 4 comments

See the list in https://github.com/dotnet/AspNetCore.Docs/issues/33699

Type of issue

SFI (Secure Future Initiative)

Description

See this internal link: SFI info in Teams MSFT wide initiative to recommend the most secure authentication flow. @tdykstra and @Rick-Anderson can PR these. I'll create an include file something like the following:

[!NOTE] This article uses a local database that doesn't require the user to be authenticated. Production apps should use the most secure authentication flow available. For more information on authentication for deployed test and production apps, see [Secure authentication flows](/aspnet/core/security/).

Addresses: https://github.com/dotnet/AspNetCore.Docs/issues/33226 Company wide initiative for ROPC ***After the .NET 9 GA can you make this a priority? ***

Issue or suggestion

ROPC: 35 Files in EntityFramework.Docs

Page URL

https://learn.microsoft.com/en-us/ef/core/miscellaneous/multitenancy

Content source URL

https://github.com/dotnet/EntityFramework.Docs/blob/main/entity-framework/core/miscellaneous/multitenancy.md

Document Version Independent Id

bb29a2b6-c401-287f-2da9-1aeb3c633b41

Article author

@JeremyLikness

Rick-Anderson avatar Aug 23 '24 22:08 Rick-Anderson

In the include file, explain why it matters after the sentence about not using a password.

tdykstra avatar Aug 23 '24 23:08 tdykstra

In the include file, explain why it matters after the sentence about not using a password.

I updated it with your version.

Rick-Anderson avatar Aug 23 '24 23:08 Rick-Anderson

@roji @ajcvickers please review

Rick-Anderson avatar Aug 23 '24 23:08 Rick-Anderson

LGTM

AndriySvyryd avatar Sep 14 '24 07:09 AndriySvyryd