The authentication patterns made available by ASP.NET Core are basically the same as those supported by the previous versions of ASP.NET:
- No authentication, if we don't feel like implementing anything or if we want to use (or develop) a self-made auth interface without relying upon the ASP.NET Core Identity system
- Individual User Accounts, when we set up an internal database to store user data using the standard ASP.NET Core Identity interface
- Azure Active Directory, which implies using a token-based set of API calls handled by the Azure AD Authentication Library (ADAL)
- Windows authentication, only viable for local-scope applications within Windows domains or Active Directory trees
However, the implementation patterns introduced by the ASP.NET Core team during the past few years are constantly evolving in order to match the latest security practices available.
All the aforementioned approaches—excluding the first one—are handled by...