After writing over 1,000 answers on Stack Overflow, mostly about authentication and OpenID Connect, I've seen the same mistakes and pitfalls appear over and over. In this talk, I'll share some of the most common mistakes developers make when building authentication solutions.

From simple misconfigurations to deeper misunderstandings of protocols and security flows, we'll explore the traps that are all too easy to fall into when working with ASP.NET Core authentication. You'll learn why some common practices are actually anti-patterns, how to avoid opening security vulnerabilities, and what best practices can help you build secure, reliable authentication.

It will also feature live hands-on demonstrations to illustrate these concepts in practice. My experience will help you save time and build secure authentication solutions.

The talk will contain a good mix of hands-on demonstrations in code and presentations.

Target audience: ASP.NET Core and .NET Developers.