On November 15, 2018 an update to Microsoft Azure Active Directory was released to bring AAD in line with the OAuth specification. This update prevents an authorization code from being used to obtain access tokens for multiple resources. The full release notes for this change can be found here.
Recently, I was asked by a customer with a very large internal Azure user base to help them find a way to keep track of Azure AD (AAD) application registrations in their directory. This customer has been on Azure for years, and the number of AAD application registrations has steadily grown during that time. There are so many applications now that it is hard for them to know which ones are still being used, and which are not. Furthermore, it’s common for application teams to create a secret key for their application and then forget that the key will eventually expire. How does the operations team know whom to contact when the expiration date is approaching?
In this post, App Dev Manager Chev Bryan demonstrates how to fetch a user’s profile from AAD using PowerShell. On my recent journeys helping customers migrate from TFS to VSTS, one of the most common obstacles is verifying that users marked for active import to VSTS have matching AAD records. Thankfully there is a fairly streamlined way to do
Following up on a previous blog post, Premier Developer Consultant Marius Rochon describes recent changes and compares the use of Azure AD multi-tenant features with the custom features in B2C. Read Marius’s first post here. Since then, there have been some changes to the demo application regarding new modes and new features. In his follow-up
App Dev Manager Nicholas McCollum walks through creating an Azure Mobile App that uses client directed authentication via Azure AD. Azure Mobile Apps are built on Azure App Services. Through the Azure portal you can configure your Azure Mobile App to provide sign in, push notifications, and data synchronization. When you configure sign
In this post from his blog, Premier Developer consultant Marius Rochon provides a demo application that illustrates how to use Azure Active Directory B2C for authentication in a multi-tenant application. The 'regular' Azure AD has built-in support for multi-tenant applications. In that case, a user from any Azure AD tenant can sign in to an app
This post is provided by Senior App Dev Manager Nick McCollum, who introduces us to Azure Active Directory B2B collaboration. Azure Active Directory Business to Business (B2B) Collaboration enables your business partners to selectively access your corporate applications. In the original release of the product the invitation experience r
In this post, Premier Developer Consultant Marius Rochon shows us how to use Azure AD to enable partner access to SharePoint 201x. The following summarizes my experience with setting Azure AD as authentication provider for SharePoint 2013 or 2016. This setup enables access to SharePoint for external users (business partners, customers). Whi
In a recent post from his blog, Premier Developer Consultant Marius Rochon shows how to use Azure AD to authenticate public clients to SQL Azure. Azure AD enables access authorization to SQL Azure as an alternative to providing username/password information in the connection string: https://azure.microsoft.com/en-us/documentation/articles
In a recent post from his blog, Premier Developer Consultant Marius Rochon gives us a step-by-step overview of how to use OAuth2 Client Credential flow with an X509 certificate. This Azure AD sample shows how to use OAuth2 Client Credential flow with an X509 certificate for authentication. Here is a procedure I use to periodically rollover