Developer Support

Advocacy and Innovation

Authentication - Developer Support

Choosing the OAuth2 grant flow

June 17, 2019 Jun 17, 2019 06/17/19
Developer Support
Premier Dev Consultant Marius Rochon explores OAuth2 questions you need to ask and how the answers lead to the selection of the grant. The OAuth2 specifications define six different grant types (https://tools.ietf.org/html/rfc6749 and https://tools.ietf.org/html/draft-ietf-oauth-device-flow-15). Each provides the most optimal (from the ...

Moving legacy ASP.NET apps with Windows authentication to Azure App Service (Part 1)

May 10, 2019 May 10, 2019 05/10/19
Developer Support
App Dev Manager Mike Lapierre explores authentication options when moving legacy ASP.NET apps to Azure App Services. When attempting to move legacy ASP.NET apps to Azure App Service, you might encounter a few challenges which are documented here. I want to cover specially the use Windows authentication which is not supported in Azure ...

Handling Error AADSTS54005

February 19, 2019 Feb 19, 2019 02/19/19
Developer Support
On November 15, 2018 an update to Microsoft Azure Active Directory was released to bring AAD in line with the OAuth specification. This update prevents an authorization code from being used to obtain access tokens for multiple resources. The full release notes for this change can be found here.

Cross (micro) services authentication with Azure B2C

January 22, 2019 Jan 22, 2019 01/22/19
Developer Support
Microservices is an architectural style that structures an application as a collection of loosely coupled services, which implement business capabilities. The microservice architecture enables the continuous delivery/deployment of large, complex applications. It also enables an organization to evolve its technology stack.

Federation patterns using Azure AD

October 11, 2018 Oct 11, 2018 10/11/18
Developer Support
In this post, Premier Dev Consultant Marius Rochon considers scenarios where an application needs to be accessed by users from many sources of authentication (Office 365, owned and operated by Microsoft but whose use is managed separately by many independent organizations is an example of such a resource). It proposes a framework for determining an optimal solution for the application using Azure AD.

Developing an Azure AD B2C multi-tenant application

October 9, 2017 Oct 9, 2017 10/9/17
Pam Lahoud
In this post from his blog, Premier Developer consultant Marius Rochon provides a demo application that illustrates how to use Azure Active Directory B2C for authentication in a multi-tenant application.The 'regular' Azure AD has build-in support for multi-tenant applications. In that case, a user from any Azure AD tenant can sign in to an ...

Claims augmentation with OWIN but outside of Startup code

August 16, 2017 Aug 16, 2017 08/16/17
Pam Lahoud
This post on authentication and authorization is from Premier Developer consultant Marius Rochon.Claims list included in the ClaimsPrincipal usually originate from the security token received by the application as part of user authentication (SAML, OpenIDConnect id token) or access authorization (OAuth2 bearer access token).  However, ...

Feedback usabilla icon