Microsoft Entra Identity Platform

A developer platform that helps protect your users and data.

Introducing Trusted Certificate Authorities (public preview) in App management policy

In March 2023, we announced a framework called App management policy which allows admins to implement security best practices for applications in their tenant. Now, we've added a new capability that allows admins to define trusted certificate issuers for their tenant. Attempts to add an app certificate that does not meet the criteria defined in the policy will be rejected.

Public vs. confidential clients and how to avoid common security pitfalls in identity

This blog post delves into the critical differences between public clients, which are inherently more exposed and vulnerable, and confidential clients, which operate under stringent security measures to safeguard sensitive data. You’ll discover why knowing the difference matters and learn a few best practices to help you avoid common pitfalls.

Using the Microsoft Authentication Library with the Windows authentication broker

One of the interesting developments in the last few years in the field of authentication is the use of authentication brokers. Authentication brokers help make your applications more secure and resilient by enabling developers to remove the need to handle refresh tokens, simplify the user authentication flow and remove any variability from it, and take advantage of more complex authentication features, like Windows Hello, conditional access, and FIDO keys.

How the Microsoft identity platform helps developers manage identity risk

Our vision for the Microsoft identity platform is to create a thriving developer and app ecosystem that makes securing identities easy. In fact, over one million applications use our platform, performing over eight billion authentications per day. We combine this with the 65 trillion signals that Microsoft Security processes each day to help ...