Blog: Posts from June, 2023

Glance into the future and learn what is coming next.

Labels
AJAX(112) App Studio(7) Apple(1) Application Builder(245) Application Factory(207) ASP.NET(95) ASP.NET 3.5(45) ASP.NET Code Generator(72) ASP.NET Membership(28) Azure(18) Barcode(2) Barcodes(3) BLOB(18) Business Rules(1) Business Rules/Logic(140) BYOD(13) Caching(2) Calendar(5) Charts(29) Cloud(14) Cloud On Time(2) Cloud On Time for Windows 7(2) Code Generator(54) Collaboration(11) command line(1) Conflict Detection(1) Content Management System(12) COT Tools for Excel(26) CRUD(1) Custom Actions(1) Data Aquarium Framework(122) Data Sheet(9) Data Sources(22) Database Lookups(50) Deployment(22) Designer(177) Device(1) DotNetNuke(12) EASE(20) Email(6) Features(101) Firebird(1) Form Builder(14) Globalization and Localization(6) How To(1) Hypermedia(2) Inline Editing(1) Installation(5) JavaScript(20) Kiosk(1) Low Code(3) Mac(1) Many-To-Many(4) Maps(6) Master/Detail(36) Microservices(4) Mobile(63) Mode Builder(3) Model Builder(3) MySQL(10) Native Apps(5) News(18) OAuth(9) OAuth Scopes(1) OAuth2(13) Offline(20) Offline Apps(4) Offline Sync(5) Oracle(11) PKCE(2) Postgre SQL(1) PostgreSQL(2) PWA(2) QR codes(2) Rapid Application Development(5) Reading Pane(2) Release Notes(183) Reports(48) REST(29) RESTful(29) RESTful Workshop(15) RFID tags(1) SaaS(7) Security(81) SharePoint(12) SPA(6) SQL Anywhere(3) SQL Server(26) SSO(1) Stored Procedure(4) Teamwork(15) Tips and Tricks(87) Tools for Excel(2) Touch UI(93) Transactions(5) Tutorials(183) Universal Windows Platform(3) User Interface(338) Video Tutorial(37) Web 2.0(100) Web App Generator(101) Web Application Generator(607) Web Form Builder(40) Web.Config(9) Workflow(28)
Archive
Blog
Posts from June, 2023
Wednesday, May 31, 2023PrintSubscribe
Roadmap 2023 - 2024 Is Announced

The roadmap covers the remaining months of the year 2023 and offers a glance at the year 2024.

The primary objective of our development is to deliver to production the new tooling for developers. App Studio is the groundbreaking development platform embedded in the live applications. Developers without prior knowledge of Code On Time will become experts in building and maintaining apps that run online and offline.

Roadmap 2023 - 2024 discusses App Studio, Workflow Links, App Identity, Serverless Apps, Database Builder, Content Hub, Data-Driven Surveys, ACL Editor, and .NET Core.
Labels: News
Monday, May 29, 2023PrintSubscribe
Tutorial: Multi-Factor Authentication

Many organizations adopt security systems that require their users to enter a numeric time-based verification code generated by an authenticator app installed on the user’s mobile device. The unique secret key is associated with the user account in the application database. Authenticator app uses the same secret to generate a new verification code periodically and does not require a network interaction with the application. The server-side code generates the verification code in real time and compares it to the one provided by the user. If the correct verification code is not provided at the time of sign in, then the access to the application is not granted even if the user is entering the correct username and password combination.

The username, password, verification code in the text message or email, and the phone with the authenticator app with optional fingerprint scan or face recognition are the components of the multi-factor authentication.
image1.png
The prompt to enter a verification code is displayed after the successful confirmation of the username and password. Users must enter the verification code displayed on the screen of their mobile device in the authenticator app or request the verification code through other available methods. The backup codes are accepted in the Backup Code input.
image2.png
The Google Authenticator app in the picture shows the verification code after the QR code was scanned in the 2-Factor Authentication setup form of an application created with Code On Time. The name of the app and the username are displayed above the code. This makes it easy to locate the verification code of a specific application.
Sunday, May 28, 2023PrintSubscribe
Lesson: Native App Authorization

Developers rely on a variety of platforms to deliver mobile apps. It is easy to set up the user authorization with an application created with Code On Time. The embedded RESTful API Engine implements OAuth 2.0 protocol with multiple authorization flows. Native applications can be programmed to have enterprise level security with little effort. The lesson explains how to configure Postman, the popular API development tool, to get the access tokens from the RESTful Backend Application. Any native client app will implement a similar pattern of authorization.

Learn to acquire access tokens in the native app via OAuth 2.0 Authorization Code flow with PKCE.
Configure New Token section allows setup of a separate request to capture a new access token from the backend application.
Postman provides the means of capturing the access tokens from any OAuth 2.0 compliant identity server. RESTful API Engine of apps created with Code On Time has the built-in support for OAuth 2.0 authorization flows. Developers can configure Postman to capture the access tokens from a Code On Time application.
Configure New Token section allows setup of a separate request to capture a new access token from the backend application.
Postman provides the means of access token capturing from any OAuth 2.0 compliant identity server. RESTful API Engine of apps created with Code On Time has the built-in support for OAuth 2.0 authorization flows. Developers can configure Postman to capture the access tokens from a Code On Time application.
Postman exchanges the authorization code for an access token with the backend application. The response is presented in the Manage Access Tokens window.
Developers can name the new Access Token and use it for development purposes in the Manage Access Tokens window. Typically the name of the token is the username.
Labels: OAuth2, Security
Continue to Hello, App Studio!