Blogged: Add application security to the swiyu generic management verifier APIs using OAuth

https://damienbod.com/2026/02/16/add-application-security-to-the-swiyu-generic-management-verifier-apis-using-oauth/

#aspnetcore #oauth #swiyu #swiss #openid #yarp #aspire #container #api #iam #security #dotnet

Blogged: Secure the swiyu container using a YARP proxy

https://damienbod.com/2026/02/09/isolate-the-swiyu-public-beta-management-apis-using-yarp/

#swiyu #yarp #aspire #aspnetcore #dotnet #identity #network #oauth #openidconnect #oidc

Blogged: Use client assertions in ASP.NET Core using OpenID Connect, OAuth DPoP and OAuth PAR

https://damienbod.com/2026/02/02/use-client-assertions-in-asp-net-core-using-openid-connect-oauth-dpop-and-oauth-par/

#dotnet #aspnetcode #oidc #oauth #par #dpop #identity #duende #aspire #oss #iam #swiyu

Blogged: Force step up authentication in web applications

https://damienbod.com/2026/01/26/force-step-up-authentication-in-web-applications/

#aspnetcore #dotnet #blazor #aspire #identity #oauth #oidc #duende #iam #swiyu #eid

Blogged: Implementing Level of Identification (LoI) with ASP.NET Core Identity and Duende

https://damienbod.com/2026/01/18/implementing-level-of-identification-loi-with-asp-net-core-identity-and-duende/

#aspnetcore #oauth #openid #dotnet #oidc #iam #swiyu #aspire #oss #identity #eid #swiss #bit #gov #loi #loa #blazor #duende

#ZKP #eID #swiyu

I'm very happy to say that Ubique, working on https://www.heidi-universe.ch/en/index.html, told me to use `--release` with `cargo-test` :)

Now our benchmark looks quite different from the last one:

https://eid-privacy.github.io/2026/01/09/poc-report.html

Before: Noir is as fast or faster than Docknetwork
Now: Docknetwork is as fast or much faster than Noir

The next thing I need to find out is how to run benchmarks directly on a mobile phone. Is there some kind of server I can tap into with a github workflow?

Blogged: Digital Authentication and Identity validation

https://damienbod.com/2025/12/20/digital-authentication-and-identity-validation/

#oidc #identity #iam #swiyu #eid #oauth #dpop #openid #security #ecollecting #authentication #loa #loi #vc #oauth2 #swiss #ch #cybersecurity

If you're working in the e-ID space you might have heard of the "Longfellow" and "Crescent" papers, which implement zero-knowledge proofs on existing credentials. We wrote a deep-dive with @elgharee @clemhumb into these papers and compare them here:

https://eid-privacy.github.io/wp0/2025/11/28/crescent-longfellow-showdown.html

TLDR: very impressive work, but very difficult to reproduce as a normal software dev.

#EID #Swiyu #ZKP

Blogged: Implement forgot your password using swiyu, ASP.NET Core Identity and Aspire

https://damienbod.com/2025/11/17/implement-forgot-your-password-using-swiyu-asp-net-core-identity-and-aspire/

#swiyu #aspire #aspnetcore #duende #identity #iam #eid #swiss #identity #dotnet

Blogged: Implement MFA using swiyu, the Swiss E-ID with Duende IdentityServer, ASP.NET Core Identity and .NET Aspire

https://damienbod.com/2025/11/10/implement-mfa-using-swiyu-the-swiss-e-id-with-duende-identityserver-asp-net-core-identity-and-net-aspire/

#aspnetcore #aspire #dotnet #swiyu #eid #duende #eid #openid #oauth2 #identity #iam #vc #openidvp #DigitalIdentity #TrustInfrastructure #Switzerland #ssi