Data Protection in ASP.NET Core: Consumer APIs, configuration, extensibility APIs and implementation

• Introduction to Data Protection

• Getting Started with the Data Protection APIs

• Consumer APIs

  • Consumer APIs Overview

  • Purpose Strings

  • Purpose hierarchy and multi-tenancy

  • Password Hashing

  • Limiting the lifetime of protected payloads

  • Unprotecting payloads whose keys have been revoked

• Configuration

  • Configuring Data Protection

  • Default Settings

  • Machine Wide Policy

  • Non DI Aware Scenarios

• Extensibility APIs

  • Core cryptography extensibility

  • Key management extensibility

  • Miscellaneous APIs

• Implementation

  • Authenticated encryption details.

  • Subkey Derivation and Authenticated Encryption

  • Context headers

  • Key Management

  • Key Storage Providers

  • Key Encryption At Rest

  • Key Immutability and Changing Settings

  • Key Storage Format

  • Ephemeral data protection providers

• Compatibility

  • Sharing cookies between applications

  • Replacing in ASP.NET