tapioone · eimerreis · Aug 28, 2025 · Aug 28, 2025
diff --git a/docs/general/authentication.md b/docs/general/authentication.md
@@ -306,122 +306,3 @@ public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
     });
 }
 ```
-
-### Secure your own ASP.NET WebAPI with B2C authentication
-
-[A combined sample for a .NET web application that calls a .NET Web API, both secured using Azure AD B2C](
-https://github.com/Azure-Samples/active-directory-b2c-dotnet-webapp-and-webapi)
-
-```csharp
-    public partial class Startup
-    {
-        // These values are pulled from web.config
-        public static string AadInstance = ConfigurationManager.AppSettings["ida:AadInstance"];
-        public static string Tenant = ConfigurationManager.AppSettings["ida:Tenant"];
-        public static string ClientId = ConfigurationManager.AppSettings["ida:ClientId"];
-        public static string SignUpSignInPolicy = ConfigurationManager.AppSettings["ida:SignUpSignInPolicyId"];
-        public static string DefaultPolicy = SignUpSignInPolicy;
-
-        /*
-         * Configure the authorization OWIN middleware
-         */
-        public void ConfigureAuth(IAppBuilder app)
-        {
-            TokenValidationParameters tvps = new TokenValidationParameters
-            {
-                // Accept only those tokens where the audience of the token is equal to the client ID of this app
-                ValidAudience = ClientId,
-                AuthenticationType = Startup.DefaultPolicy
-            };
-
-            app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions
-            {
-                // This SecurityTokenProvider fetches the Azure AD B2C metadata & signing keys from the OpenIDConnect metadata endpoint
-                AccessTokenFormat = new JwtFormat(tvps, new OpenIdConnectCachingSecurityTokenProvider(String.Format(AadInstance, Tenant, DefaultPolicy)))
-            });
-        }
-    }
-
-
-    // This class is necessary because the OAuthBearer Middleware does not leverage
-    // the OpenID Connect metadata endpoint exposed by the STS by default.
-    public class OpenIdConnectCachingSecurityTokenProvider : IIssuerSecurityKeyProvider
-    {
-        public ConfigurationManager<OpenIdConnectConfiguration> _configManager;
-        private string _issuer;
-        private IEnumerable<SecurityKey> _keys;
-        private readonly string _metadataEndpoint;
-
-        private readonly ReaderWriterLockSlim _synclock = new ReaderWriterLockSlim();
-
-        public OpenIdConnectCachingSecurityTokenProvider(string metadataEndpoint)
-        {
-            _metadataEndpoint = metadataEndpoint;
-            _configManager = new ConfigurationManager<OpenIdConnectConfiguration>(metadataEndpoint, new OpenIdConnectConfigurationRetriever());
-
-            RetrieveMetadata();
-        }
-
-        /// <summary>
-        /// Gets the issuer the credentials are for.
-        /// </summary>
-        /// <value>
-        /// The issuer the credentials are for.
-        /// </value>
-        public string Issuer
-        {
-            get
-            {
-                RetrieveMetadata();
-                _synclock.EnterReadLock();
-                try
-                {
-                    return _issuer;
-                }
-                finally
-                {
-                    _synclock.ExitReadLock();
-                }
-            }
-        }
-
-        /// <summary>
-        /// Gets all known security keys.
-        /// </summary>
-        /// <value>
-        /// All known security keys.
-        /// </value>
-        public IEnumerable<SecurityKey> SecurityKeys
-        {
-            get
-            {
-                RetrieveMetadata();
-                _synclock.EnterReadLock();
-                try
-                {
-                    return _keys;
-                }
-                finally
-                {
-                    _synclock.ExitReadLock();
-                }
-            }
-        }
-
-        private void RetrieveMetadata()
-        {
-            _synclock.EnterWriteLock();
-            try
-            {
-                OpenIdConnectConfiguration config = Task.Run(_configManager.GetConfigurationAsync).Result;
-                _issuer = config.Issuer;
-                _keys = config.SigningKeys;
-            }
-            finally
-            {
-                _synclock.ExitWriteLock();
-            }
-        }
-    }
-
-```