Marius Rochon

Choosing the OAuth2 grant flow

Premier DeveloperJune 17, 2019Jun 17, 201906/17/19

Premier Dev Consultant Marius Rochon explores OAuth2 questions you need to ask and how the answers lead to the selection of the grant.

The OAuth2 specifications define six different grant types (https://tools.ietf.org/html/rfc6749 and https://tools.ietf.org/html/draft-ietf-oauth-device-flow-15). Each provides the most optimal (from the security point of view) way of obtaining access or (for OIDC) id_tokens given the circumstances of the client application.

Multi-Tenant Applications and Azure AD

Premier DeveloperMay 7, 2018May 7, 201805/7/18

Following up on a previous blog post, Premier Developer Consultant Marius Rochon describes recent changes and compares the use of Azure AD multi-tenant features with the custom features in B2C.

Read Marius’s first post here.
Since then, there have been some changes to the demo application regarding new modes and new features.

Developing an Azure AD B2C multi-tenant application

Pam LahoudOctober 9, 2017Oct 9, 201710/9/17

In this post from his blog, Premier Developer consultant Marius Rochon provides a demo application that illustrates how to use Azure Active Directory B2C for authentication in a multi-tenant application.

The ‘regular’ Azure AD has build-in support for multi-tenant applications. In that case,

Claims augmentation with OWIN but outside of Startup code

Pam LahoudAugust 16, 2017Aug 16, 201708/16/17

This post on authentication and authorization is from Premier Developer consultant Marius Rochon.

Claims list included in the ClaimsPrincipal usually originate from the security token received by the application as part of user authentication (SAML, OpenIDConnect id token) or access authorization (OAuth2 bearer access token).

OWIN and WS-Federation with CA Siteminder

Pam LahoudMarch 22, 2017Mar 22, 201703/22/17

Check out this blog from Premier Developer consultant Marius Rochon for information on how to integrate ASP.NET applications with CA Siteminder.

A customer was having a problem integrating an ASP.NET application with CA Siteminder v12.52. Firstly, there was a problem with using SAML2.0 token formats.

Multi-tenant WebAPI – simple admin consent

Pam LahoudJanuary 10, 2017Jan 10, 201701/10/17

In this post, Premier Developer consultant Marius Rochon shares his application authentication experience in order to help you create your own Multi-tenant WebAPI applications.

The VS.NET 2015 wizard for adding authentication to ASP.NET WebAPI projects does not support using the multi-tenant option.

Passive is good!

Pam LahoudApril 8, 2016Apr 8, 201604/8/16

Here’s a quick read from Premier Developer consultant Marius Rochon’s blog. In it, Marius gives some great reasons to leverage passive authentication protocols in your applications rather than writing your own code to handle credentials.

Some time back I wrote about avoiding handling of credentials (creation/maintenance/verification of user names,

Changing user password in Azure AD using GraphAPI

Pam LahoudMarch 3, 2016Mar 3, 201603/3/16

Recently, Premier Developer Consultant Marius Rochon posted this article on his blog regarding changing passwords in Azure AD that may be helpful to those of you facing this specific scenario in your applications:

You use Azure AD for some applications (e.g.

Using OAuth2 with SOAP

Premier DeveloperNovember 20, 2015Nov 20, 201511/20/15

Premier Development Consultant Marius Rochon explores the combination of Universal App Platform (UAP) with SOAP using OAuth2 protocol for authentication. One possible application of this approach might be migrating from WCF to REST and/or needing to mix REST and SOAP services.

Using Azure AD to authorize Service Bus requests

Pam LahoudFebruary 18, 2015Feb 18, 201502/18/15

Most Service Bus examples use symmetric keys directly in applications needing access to the Service Bus, usually as part of the connection string. That approach does not work so well with widely distributed applications, e.g. desktop or mobile apps. In the latest post from his blog,

Premier Developer