Developer Support

Advocacy and Innovation

Microsoft Identity Platform which OAuth flow should I use?

October 12, 2020 Oct 12, 2020 10/12/20

Developer Support

Microsoft Identity Platform: which OAuth2 flow should I use? My non-prescriptive one-page guide in choosing the right auth flow for every situation.

Moving legacy ASP.NET apps with Windows authentication to Azure App Service (Part 2)

May 19, 2020 May 19, 2020 05/19/20

Developer Support

We discuss moving legacy backend services that use Windows authentication over to an Azure App Service, with emphasis on web service stack and authentication & authorization considerations.

Choosing the OAuth2 grant flow

June 17, 2019 Jun 17, 2019 06/17/19

Developer Support

Premier Dev Consultant Marius Rochon explores OAuth2 questions you need to ask and how the answers lead to the selection of the grant. The OAuth2 specifications define six different grant types (https://tools.ietf.org/html/rfc6749 and https://tools.ietf.org/html/draft-ietf-oauth-device-flow-15). Each provides the most optimal (from the ...

Adding User Optional and Mapped Claims in the Azure AD Authentication Token

June 9, 2019 Jun 9, 2019 06/9/19

Developer Support

When we are using Azure Active Directory, we need to add extra information related to the user in the token that we received once that we get an authenticated user in our app. By Default, in our token we only see some user’s information like preferred username, email, name, roles assigned to this user and the unique name.

Moving legacy ASP.NET apps with Windows authentication to Azure App Service (Part 1)

May 10, 2019 May 10, 2019 05/10/19

Developer Support

App Dev Manager Mike Lapierre explores authentication options when moving legacy ASP.NET apps to Azure App Services. When attempting to move legacy ASP.NET apps to Azure App Service, you might encounter a few challenges which are documented here. I want to cover specially the use Windows authentication which is not supported in Azure ...

Handling Error AADSTS54005

February 19, 2019 Feb 19, 2019 02/19/19

Developer Support

On November 15, 2018 an update to Microsoft Azure Active Directory was released to bring AAD in line with the OAuth specification. This update prevents an authorization code from being used to obtain access tokens for multiple resources. The full release notes for this change can be found here.

Cross (micro) services authentication with Azure B2C

January 22, 2019 Jan 22, 2019 01/22/19

Developer Support

Microservices is an architectural style that structures an application as a collection of loosely coupled services, which implement business capabilities. The microservice architecture enables the continuous delivery/deployment of large, complex applications. It also enables an organization to evolve its technology stack.

Federation patterns using Azure AD

October 11, 2018 Oct 11, 2018 10/11/18

Developer Support

In this post, Premier Dev Consultant Marius Rochon considers scenarios where an application needs to be accessed by users from many sources of authentication (Office 365, owned and operated by Microsoft but whose use is managed separately by many independent organizations is an example of such a resource). It proposes a framework for determining an optimal solution for the application using Azure AD.

Developing an Azure AD B2C multi-tenant application

October 9, 2017 Oct 9, 2017 10/9/17

Pam Lahoud

In this post from his blog, Premier Developer consultant Marius Rochon provides a demo application that illustrates how to use Azure Active Directory B2C for authentication in a multi-tenant application.The 'regular' Azure AD has build-in support for multi-tenant applications. In that case, a user from any Azure AD tenant can sign in to an ...

Claims augmentation with OWIN but outside of Startup code

August 16, 2017 Aug 16, 2017 08/16/17

Pam Lahoud

This post on authentication and authorization is from Premier Developer consultant Marius Rochon.Claims list included in the ClaimsPrincipal usually originate from the security token received by the application as part of user authentication (SAML, OpenIDConnect id token) or access authorization (OAuth2 bearer access token). However, ...

Developer Support

Authentication - Developer Support