Enhancing Security in ASP.NET Core Applications: Implementing Oauth, JWT, and Zero-Trust Models

Application security has become critical since cyber adversaries now specifically target ASP.NET Core applications to steal data while damaging their integrity. The research examines contemporary security threats affecting .NET web applications through unauthorized entry and token fraud and API system vulnerabilities. The threats to vulnerable systems can be managed through OAuth together with JSON Web Tokens (JWT) as well as Zero-Trust application models. Through OAuth users can give third-party applications safe resource access without revealing their account credentials to them. JWT authentication operates without state information which creates performance benefits without reducing security measures. Under the Zero-Trust framework continuous authentication remains active to decrease the number of potential attack vectors. The investigation of security authentication mechanisms happens through combined assessments of real-world case studies and current best practices as well as security protocols analysis. The combination of OAuth with JWT authentication creates strong defense against credential theft at the same time it protects users from session hijacking attacks. The implementation of Zero-Trust principles enhances both identity verification practices and access control measures to successfully prevent unauthorized access. The security system should be improved through the deployment of anomaly detection AI technology and MFA authentication and token expiration protocols. Applying the described methodologies leads to robust future-proof ASP.NET Core applications which satisfy industry standards for cyber security while defending against changing security threats. The research presents an all-inclusive approach to protect .NET applications in 2024 which provides secure performance in current web fields.