Showing results for Authentication - Developer Support

Oct 12, 2020
Post comments count0
Post likes count0

Microsoft Identity Platform which OAuth flow should I use?

Developer Support
Developer Support

Microsoft Identity Platform: which OAuth2 flow should I use? My non-prescriptive one-page guide in choosing the right auth flow for every situation.

AuthenticationOAuth2
Jun 17, 2019
Post comments count0
Post likes count0

Choosing the OAuth2 grant flow

Developer Support
Developer Support

Premier Dev Consultant Marius Rochon explores OAuth2 questions you need to ask and how the answers lead to the selection of the grant. The OAuth2 specifications define six different grant types (https://tools.ietf.org/html/rfc6749 and https://tools.ietf.org/html/draft-ietf-oauth-device-flow-15). Each provides the most optimal (from the secur...

TeamAuthenticationMarius Rochon
Jun 9, 2019
Post comments count2
Post likes count0

Adding User Optional and Mapped Claims in the Azure AD Authentication Token

Developer Support
Developer Support

When we are using Azure Active Directory, we need to add extra information related to the user in the token that we received once that we get an authenticated user in our app. By Default, in our token we only see some user’s information like preferred username, email, name, roles assigned to this user and the unique name.

TeamAzure ADAuthentication
May 10, 2019
Post comments count0
Post likes count0

Moving legacy ASP.NET apps with Windows authentication to Azure App Service (Part 1)

Developer Support
Developer Support

App Dev Manager Mike Lapierre explores authentication options when moving legacy ASP.NET apps to Azure App Services. When attempting to move legacy ASP.NET apps to Azure App Service, you might encounter a few challenges which are documented here. I want to cover specially the use Windows authentication which is not supported in Azure App Ser...

TeamAuthenticationApp Services
Feb 19, 2019
Post comments count0
Post likes count0

Handling Error AADSTS54005

Developer Support
Developer Support

On November 15, 2018 an update to Microsoft Azure Active Directory was released to bring AAD in line with the OAuth specification. This update prevents an authorization code from being used to obtain access tokens for multiple resources. The full release notes for this change can be found here.

Azure ADAuthenticationOAuth
Jan 22, 2019
Post comments count0
Post likes count0

Cross (micro) services authentication with Azure B2C

Developer Support
Developer Support

Microservices is an architectural style that structures an application as a collection of loosely coupled services, which implement business capabilities. The microservice architecture enables the continuous delivery/deployment of large, complex applications. It also enables an organization to evolve its technology stack.

TeamAzureAuthentication
Oct 11, 2018
Post comments count0
Post likes count0

Federation patterns using Azure AD

Developer Support
Developer Support

In this post, Premier Dev Consultant Marius Rochon considers scenarios where an application needs to be accessed by users from many sources of authentication (Office 365, owned and operated by Microsoft but whose use is managed separately by many independent organizations is an example of such a resource). It proposes a framework for determining an...

TeamAzureAuthentication
Oct 9, 2017
Post comments count0
Post likes count0

Developing an Azure AD B2C multi-tenant application

Pam Lahoud
Pam Lahoud

In this post from his blog, Premier Developer consultant Marius Rochon provides a demo application that illustrates how to use Azure Active Directory B2C for authentication in a multi-tenant application.The 'regular' Azure AD has build-in support for multi-tenant applications. In that case, a user from any Azure AD tenant can sign in to an applicat...

Azure ADAuthenticationMarius Rochon
Aug 16, 2017
Post comments count0
Post likes count0

Claims augmentation with OWIN but outside of Startup code

Pam Lahoud
Pam Lahoud

This post on authentication and authorization is from Premier Developer consultant Marius Rochon.Claims list included in the ClaimsPrincipal usually originate from the security token received by the application as part of user authentication (SAML, OpenIDConnect id token) or access authorization (OAuth2 bearer access token).  However, sometime...

SecurityAuthenticationMarius Rochon