AAD multi-tenancy is ideal for medium-to-large enterprises that own and manage their own identity infrastructure. This sample is for small enterprises, usually without their own identity infrastructure. It provides support for an application that needs to group its users into discrete groups, each representing an application tenant.
The objective of this post is to summarize, on a single page, the main differences between Azure AD Endpoint V1 and V2, with a focus on client libraries and supportability.
When we use Azure Active Directory, we need to add extra information related to the user to the token that we receive once a user has authenticated in our app. By default, the token only shows some of the user's information, such as preferred username, email, name, roles assigned to the user and the unique name.
Accessing Groups claims in Azure AD B2C requires adding some custom code through custom (IEF) policies. This post shows how to configure AD B2C IEF policies to access Groups in JWT Tokens.
Securing your applications with Microsoft Identity Platform couldn't be any easier. In this blog, we’ll walk through very quick steps to help you start experimenting with authentication capabilities using Azure AD identities.
In this post, Premier Dev Consultant Marius Rochon shows us how to obtain extra access tokens using OAuth2 Extension flow (on-behalf-of flow).
The following describes an approach for getting access tokens to more than one resource, without re-displaying the sign in dialog (using the V2 Azure AD endpoint).
I work with a lot of enterprise customers that have sizable portfolios of Intranet web sites using Web Forms and Windows Integrated Authentication that they would like to move to Azure PaaS; however, we’ve found that a lot of documentation on these topics doesn’t extend back to Web Forms and instead targets .NET Core and MVC.
On November 15, 2018 an update to Microsoft Azure Active Directory was released to bring AAD in line with the OAuth specification. This update prevents an authorization code from being used to obtain access tokens for multiple resources. The full release notes for this change can be found here.
Recently, I was asked by a customer with a very large internal Azure user base to help them find a way to keep track of Azure AD (AAD) application registrations in their directory. This customer has been on Azure for years, and the number of AAD application registrations has steadily grown during that time. There are so many applications now that it is hard for them to know which ones are still being used, and which are not. Furthermore, it’s common for application teams to create a secret key for their application and then forget that the key will eventually expire. How does the operations team know whom to contact when the expiration date is approaching?
In this post, App Dev Manager Chev Bryan demonstrates how to fetch a user’s profile from AAD using PowerShell.
On my recent journeys helping customers migrate from TFS to VSTS, one of the most common obstacles is verifying that users marked for active import to VSTS have matching AAD records.