Learn about how to secure your ASP.NET Core APIs with OAuth 2.0 and JSON Web Tokens without using third-party services like IdentityServer, Okta, and Auth0.

Show you how to create an authenticated website with ASP.NET Core based on a secure cookie, supporting username/password as well as social providers.

Learn how to configure Cross-site request forgery (CSRF) checks when using AJAX with jQuery or similar in an ASP.NET Core web application.

How to secure your cookies in ASP.NET and MVC, using Secure and HttpOnly attributes. Also, learn about Cross-site tracing and Cross-site request forgery.

The aim of this post is to teach you how to implement Identity Authentication & Authorization with OAuth, Facebook and ASP.NET Core 3.0.