Microsoft Entra Identity Platform

A developer platform that helps protect your users and data.

Introducing Trusted Certificate Authorities (public preview) in App management policy

November 9, 2023 Nov 9, 2023 11/9/23

Saurabh Madan

In March 2023, we announced a framework called App management policy which allows admins to implement security best practices for applications in their tenant. Now, we've added a new capability that allows admins to define trusted certificate issuers for their tenant. Attempts to add an app certificate that does not meet the criteria defined in the policy will be rejected.

Public vs. confidential clients and how to avoid common security pitfalls in identity

October 18, 2023 Oct 18, 2023 10/18/23

Brian Melton-Grace

This blog post delves into the critical differences between public clients, which are inherently more exposed and vulnerable, and confidential clients, which operate under stringent security measures to safeguard sensitive data. You’ll discover why knowing the difference matters and learn a few best practices to help you avoid common pitfalls.

Using the Microsoft Authentication Library with the Windows authentication broker

May 17, 2023 May 17, 2023 05/17/23

Den Delimarsky

One of the interesting developments in the last few years in the field of authentication is the use of authentication brokers. Authentication brokers help make your applications more secure and resilient by enabling developers to remove the need to handle refresh tokens, simplify the user authentication flow and remove any variability from it, and take advantage of more complex authentication features, like Windows Hello, conditional access, and FIDO keys.

Announcing Microsoft Authentication Library for .NET 4.54.0, with General Availability of Managed Identity APIs

May 15, 2023 May 15, 2023 05/15/23

Den Delimarsky

Today our team is excited to announce the release of Microsoft Authentication Library (MSAL) for .NET version 4.54.0!

Scope App Permissions for Secure Automation using Microsoft Azure Active Directory

April 27, 2023 Apr 27, 2023 04/27/23

Marcus Carvalho

Microsoft Graph app permissions for a service or daemon may be too permissive, but more granular permissions can be scoped using Azure AD.

How the Microsoft identity platform helps developers manage identity risk

March 20, 2023 Mar 20, 2023 03/20/23

Levent Besik

Our vision for the Microsoft identity platform is to create a thriving developer and app ecosystem that makes securing identities easy. In fact, over one million applications use our platform, performing over eight billion authentications per day. We combine this with the 65 trillion signals that Microsoft Security processes each day to help ...