ROPC remediation - 11 files

aspnetcore/migration/identity.md

@@ -3,9 +3,10 @@ title: Migrate Authentication and Identity to ASP.NET Core
 author: ardalis
 description: Learn how to migrate authentication and identity from an ASP.NET MVC project to an ASP.NET Core MVC project.
 ms.author: riande
-ms.date: 3/22/2020
+ms.date: 10/29/2024
 uid: migration/identity
 ---
+<!-- ms.sfi.ropc: t -->
 # Migrate Authentication and Identity to ASP.NET Core
 
 By [Steve Smith](https://ardalis.com/)
@@ -22,6 +23,8 @@ Install the following NuGet packages:
 * `Microsoft.AspNetCore.Authentication.Cookies`
 * `Microsoft.EntityFrameworkCore.SqlServer`
 
+[!INCLUDE [managed-identities](~/includes/managed-identities-conn-strings.md)]
+
 In `Startup.cs`, update the `Startup.ConfigureServices` method to use Entity Framework and Identity services:
 
 ```csharp

aspnetcore/migration/proper-to-2x/membership-to-core-identity.md

@@ -7,6 +7,7 @@ ms.custom: mvc
 ms.date: 01/10/2019
 uid: migration/proper-to-2x/membership-to-core-identity
 ---
+<!-- ms.sfi.ropc: t -->
 # Migrate from ASP.NET Membership authentication to ASP.NET Core 2.0 Identity
 
 By [Isaac Levin](https://isaaclevin.com)
@@ -49,6 +50,8 @@ The fastest way to view the schema for ASP.NET Core 2.0 Identity is to create a
     }
     ```
 
+[!INCLUDE [managed-identities](~/includes/managed-identities-conn-strings.md)]
+
 1. Select **View** > **SQL Server Object Explorer**. Expand the node corresponding to the database name specified in the `ConnectionStrings:DefaultConnection` property of `appsettings.json`.
 
     The `Update-Database` command created the database specified with the schema and any data needed for app initialization. The following image depicts the table structure that's created with the preceding steps.

aspnetcore/security/app-secrets.md

@@ -5,9 +5,10 @@ description: Learn how to store and retrieve sensitive information during the de
 ms.author: tdykstra
 monikerRange: '>= aspnetcore-3.0'
 ms.custom: mvc
-ms.date: 02/23/2024
+ms.date: 10/29/2024
 uid: security/app-secrets
 ---
+<!-- ms.sfi.ropc: t -->
 # Safe storage of app secrets in development in ASP.NET Core
 
 [!INCLUDE[](~/includes/not-latest-version.md)]

aspnetcore/security/app-secrets/includes/app-secrets-3-5.md

@@ -1,11 +1,13 @@
 :::moniker range="< aspnetcore-6.0"
+<!-- ms.sfi.ropc: t -->
 
 By [Rick Anderson](https://twitter.com/RickAndMSFT), [Kirk Larkin](https://twitter.com/serpent5), [Daniel Roth](https://github.com/danroth27), and [Scott Addie](https://github.com/scottaddie)
 
 [View or download sample code](https://github.com/dotnet/AspNetCore.Docs/tree/main/aspnetcore/security/app-secrets/samples) ([how to download](xref:index#how-to-download-a-sample))
 
-This document explains how to manage sensitive data for an ASP.NET Core app on a development machine. Never store passwords or other sensitive data in source code. Production secrets shouldn't be used for development or test. Secrets shouldn't be deployed with the app. Instead, production secrets should be accessed through a controlled means like environment variables or Azure Key Vault. You can store and protect Azure test and production secrets with the [Azure Key Vault configuration provider](xref:security/key-vault-configuration).
+This article explains how to manage sensitive data for an ASP.NET Core app on a development machine. Never store passwords or other sensitive data in source code or configuration files. Production secrets shouldn't be used for development or test. Secrets shouldn't be deployed with the app. Production secrets should be accessed through a controlled means like Azure Key Vault. Azure test and production secrets can be stored and protected with the [Azure Key Vault configuration provider](xref:security/key-vault-configuration).
 
+For more information on authentication for test and production environments, see [Secure authentication flows](xref:security/index#secure-authentication-flows).
 ## Environment variables
 
 Environment variables are used to avoid storage of app secrets in code or in local configuration files. Environment variables override configuration values for all previously specified configuration sources.

aspnetcore/security/authentication/customize-identity-model.md

@@ -3,9 +3,10 @@ title: Identity model customization in ASP.NET Core
 author: ajcvickers
 description: This article describes how to customize the underlying Entity Framework Core data model for ASP.NET Core Identity.
 ms.author: avickers
-ms.date: 07/01/2019
+ms.date: 10/29/2024
 uid: security/authentication/customize_identity_model
 ---
+<!-- ms.sfi.ropc: t -->
 # Identity model customization in ASP.NET Core
 
 By [Arthur Vickers](https://github.com/ajcvickers)
@@ -887,6 +888,8 @@ services
 
 Refer to the preceding examples for guidance on adding navigation properties to the entity types.
 
+[!INCLUDE [managed-identities](~/includes/managed-identities-conn-strings.md)]
+
 ## Additional resources
 
 * <xref:security/authentication/scaffold-identity>

aspnetcore/security/authentication/identity-api-authorization/includes/identity-api-authorization3-7.md

@@ -1,4 +1,5 @@
 :::moniker range=">= aspnetcore-6.0 < aspnetcore-8.0"
+<!-- ms.sfi.ropc: t -->
 
 The ASP.NET Core templates offer authentication in Single Page Apps (SPAs) using the support for API authorization. ASP.NET Core Identity for authenticating and storing users is combined with [Duende Identity Server](https://docs.duendesoftware.com) for implementing OpenID Connect.
 
@@ -76,6 +77,8 @@ The preceding code configures:
     app.UseIdentityServer();
     ```
 
+[!INCLUDE [managed-identities](~/includes/managed-identities-conn-strings.md)]
+
 ### Azure App Service on Linux
 
 For Azure App Service deployments on Linux, specify the issuer explicitly:
@@ -484,6 +487,8 @@ The `Startup` class has the following additions:
     app.UseIdentityServer();
     ```
 
+[!INCLUDE [managed-identities](~/includes/managed-identities-conn-strings.md)]
+
 ### Azure App Service on Linux
 
 For Azure App Service deployments on Linux, specify the issuer explicitly in `Startup.ConfigureServices`:

aspnetcore/security/authentication/identity-custom-storage-providers.md

@@ -4,9 +4,10 @@ author: ardalis
 description: Learn how to configure custom storage providers for ASP.NET Core Identity.
 ms.author: riande
 ms.custom: mvc
-ms.date: 07/23/2019
+ms.date: 10/29/2024
 uid: security/authentication/identity-custom-storage-providers
 ---
+<!-- ms.sfi.ropc: t -->
 # Custom storage providers for ASP.NET Core Identity
 
 By [Steve Smith](https://ardalis.com/)
@@ -207,6 +208,8 @@ Once you have implemented a storage provider, you configure your app to use it.
 1. If you are using Roles, update the `RoleManager` to use your `RoleStore` class.
 1. Update the connection string and credentials to your app's configuration.
 
+[!INCLUDE [managed-identities](~/includes/managed-identities-conn-strings.md)]
+
 Example:
 
 :::moniker range="< aspnetcore-6.0"

aspnetcore/security/authentication/mfa.md

@@ -5,9 +5,10 @@ description: Learn how to set up multi-factor authentication (MFA) in an ASP.NET
 monikerRange: '>= aspnetcore-3.1'
 ms.author: riande
 ms.custom: mvc
-ms.date: 04/02/2024
+ms.date: 10/29/2024
 uid: security/authentication/mfa
 ---
+<!-- ms.sfi.ropc: t -->
 # Multi-factor authentication in ASP.NET Core
 
 [!INCLUDE[](~/includes/not-latest-version.md)]
@@ -73,6 +74,8 @@ MFA could be forced on users to access sensitive pages within an ASP.NET Core Id
 
 The demo code is setup using ASP.NET Core with Identity and Razor Pages. The `AddIdentity` method is used instead of `AddDefaultIdentity` one, so an `IUserClaimsPrincipalFactory` implementation can be used to add claims to the identity after a successful login.
 
+[!INCLUDE [managed-identities](~/includes/managed-identities-conn-strings.md)]
+
 ```csharp
 builder.Services.AddDbContext<ApplicationDbContext>(options =>
     options.UseSqlite(

aspnetcore/security/authentication/mfa/includes/mfa-5-8.md

@@ -59,6 +59,8 @@ MFA could be forced on users to access sensitive pages within an ASP.NET Core Id
 
 The demo code is setup using ASP.NET Core with Identity and Razor Pages. The `AddIdentity` method is used instead of `AddDefaultIdentity` one, so an `IUserClaimsPrincipalFactory` implementation can be used to add claims to the identity after a successful login.
 
+[!INCLUDE [managed-identities](~/includes/managed-identities-conn-strings.md)]
+
 ```csharp
 builder.Services.AddDbContext<ApplicationDbContext>(options =>
     options.UseSqlite(
@@ -561,6 +563,8 @@ MFA could be forced on users to access sensitive pages within an ASP.NET Core Id
 
 The demo code is setup using ASP.NET Core with Identity and Razor Pages. The `AddIdentity` method is used instead of `AddDefaultIdentity` one, so an `IUserClaimsPrincipalFactory` implementation can be used to add claims to the identity after a successful login.
 
+[!INCLUDE [managed-identities](~/includes/managed-identities-conn-strings.md)]
+
 ```csharp
 public void ConfigureServices(IServiceCollection services)
 {

aspnetcore/security/data-protection/implementation/key-storage-providers.md

@@ -43,6 +43,8 @@ public void ConfigureServices(IServiceCollection services)
 
 If the web app is running as an Azure service, connection string can be used to authenticate to Azure storage by using [Azure.Storage.Blobs](xref:Azure.Storage.Blobs.BlobContainerClient).
 
+[!INCLUDE [managed-identities](~/includes/managed-identities-conn-strings.md)]
+
 ```csharp
 string connectionString = "<connection_string>";
 string containerName = "my-key-container";

aspnetcore/security/key-vault-configuration.md

@@ -8,6 +8,7 @@ ms.custom: mvc, devx-track-azurecli
 ms.date: 01/07/2022
 uid: security/key-vault-configuration
 ---
+<!-- ms.sfi.ropc: t -->
 # Azure Key Vault configuration provider in ASP.NET Core
 
 :::moniker range=">= aspnetcore-6.0"