Authentication Archives | Premier Developer

Choosing the OAuth2 grant flow

Premier DeveloperJune 17, 2019Jun 17, 201906/17/19

Premier Dev Consultant Marius Rochon explores OAuth2 questions you need to ask and how the answers lead to the selection of the grant.

The OAuth2 specifications define six different grant types (https://tools.ietf.org/html/rfc6749 and https://tools.ietf.org/html/draft-ietf-oauth-device-flow-15). Each provides the most optimal (from the security point of view) way of obtaining access or (for OIDC) id_tokens given the circumstances of the client application.

Adding User Optional and Mapped Claims in the Azure AD Authentication Token

Premier DeveloperJune 9, 2019Jun 9, 201906/9/19

When we are using Azure Active Directory, we need to add extra information related to the user in the token that we received once that we get an authenticated user in our app. By Default, in our token we only see some user’s information like preferred username, email, name, roles assigned to this user and the unique name.

Moving legacy ASP.NET apps with Windows authentication to Azure App Service (Part 1)

Premier DeveloperMay 10, 2019May 10, 201905/10/19

App Dev Manager Mike Lapierre explores authentication options when moving legacy ASP.NET apps to Azure App Services.

When attempting to move legacy ASP.NET apps to Azure App Service, you might encounter a few challenges which are documented here. I want to cover specially the use Windows authentication which is not supported in Azure App Service.

Handling Error AADSTS54005

Premier DeveloperFebruary 19, 2019Feb 19, 201902/19/19

On November 15, 2018 an update to Microsoft Azure Active Directory was released to bring AAD in line with the OAuth specification. This update prevents an authorization code from being used to obtain access tokens for multiple resources. The full release notes for this change can be found here.

Cross (micro) services authentication with Azure B2C

Premier DeveloperJanuary 22, 2019Jan 22, 201901/22/19

Microservices is an architectural style that structures an application as a collection of loosely coupled services, which implement business capabilities. The microservice architecture enables the continuous delivery/deployment of large, complex applications. It also enables an organization to evolve its technology stack.

Federation patterns using Azure AD

Premier DeveloperOctober 11, 2018Oct 11, 201810/11/18

In this post, Premier Dev Consultant Marius Rochon considers scenarios where an application needs to be accessed by users from many sources of authentication (Office 365, owned and operated by Microsoft but whose use is managed separately by many independent organizations is an example of such a resource). It proposes a framework for determining an optimal solution for the application using Azure AD.

Developing an Azure AD B2C multi-tenant application

Pam LahoudOctober 9, 2017Oct 9, 201710/9/17

In this post from his blog, Premier Developer consultant Marius Rochon provides a demo application that illustrates how to use Azure Active Directory B2C for authentication in a multi-tenant application.

The ‘regular’ Azure AD has build-in support for multi-tenant applications. In that case,

Claims augmentation with OWIN but outside of Startup code

Pam LahoudAugust 16, 2017Aug 16, 201708/16/17

This post on authentication and authorization is from Premier Developer consultant Marius Rochon.

Claims list included in the ClaimsPrincipal usually originate from the security token received by the application as part of user authentication (SAML, OpenIDConnect id token) or access authorization (OAuth2 bearer access token).

Using Azure AD to enable partner access to SharePoint 201x

Monu BambrooMay 12, 2017May 12, 201705/12/17

In this post, Premier Developer Consultant Marius Rochon shows us how to use Azure AD to enable partner access to Sharepoint 201x.

The following summarizes my experience with setting Azure AD as authentication provider for Sharepoint 2013 or 2016. This setup enables access to SharePoint for external users (business partners,

Authentication options for custom application when accessing data from O365

Premier DeveloperApril 21, 2017Apr 21, 201704/21/17

In this post, Senior Application Development Manager, Anant Dimri explains authentication options available to application developers who wish to interact with data in O365.

A developer writing applications that interact with SharePoint (SP) data (Lists/Events/Documents, etc.) will be faced with several options to setup authentication.

Premier Developer