Understanding Azure Storage data access permissions

I stumbled a bit today when trying to access a blob in Azure Storage. I made an assumption about the permissions granted to my organizational account....

Use a CLI to get an access token for your AAD Protected Web API

You have an application registration in your tenant that represents the Web API to secure. https://docs.microsoft.com/en-us/azure/active-directory/develop/scenario-protected-web-api-overview During development,...

Microsoft Identity Platform: Thoughts on Implicit Grant

The OAuth2 working group recently released a draft of the best practices on how to secure applications using OAuth2 and OpenID Connect....

JWT Expiration as a DateTime string

You have this: Run this: Add-Type -path .\Microsoft.IdentityModel.Tokens.dll [Microsoft.IdentityModel.Tokens.EpochTime]::DateTime(1541531797).ToLocalTime() Tuesday, November 6, 2018 1:16:37 PM...

Keep Credentials Secure using Azure Managed Service Identity

Microsoft has announced the General Availability for Managed Service Identity (MSI) for App Service and Azure Functions [https://blogs.msdn.microsoft.com/appserviceteam/2018/06/26/...

MSAL Configuration and Logging

I previously posted about the logging capabilities in ADALv3 [https://www.schaeflein.net/adal-v3-diagnostic-logging/]. Logging is part of MSAL as well, and works in the same...

Azure AD - Office Hours for Developers

The Microsoft Identity team is excited to announce Office Hours for Developers where we delve into your top-of-mind questions about identity and development with Azure AD....

Webinar: Using Microsoft Flow to automate a B2B approval process

Want to see how Flow combined with a custom web service can help your users? Come to a webinar showing a real-life solution leveraging Microsoft Flow...

ADAL.Net 3.17.0 release

Microsoft has published an update to the Active Directory Authentication Library (ADAL) [https://azure.microsoft.com/en-us/blog/adal-net-3-17-0-released-2/]. Notable enhancements: * Retry-After property when receiving a...

Azure AD: Managed Service Identity preview

Here is a great reason to host your cloud services in Azure: Managed Service Identities [https://azure.microsoft.com/en-us/blog/keep-credentials-out-of-code-introducing-azure-ad-managed-service-identity/] Instead of calling the...

Guest access comes to Microsoft Teams

After a long period of development, guest access finally arrives for Microsoft Teams! Based on the Azure AD B2B service, the feature will enable many extranet-type...

Strengthening the Passwords of your Audience

I do a lot of work in the "Identity" space, but I am for sure not the smartest guy in the room. I have...

Updated Azure AD Login screen is coming

As you may have noticed, the login experience for Microsoft Accounts (MSA) has changed over the last few weeks. This change is coming to Azure AD!...

Azure AD B2B AMA

> This time we’re focusing on a specific topic, how to use Azure AD to easily enable cross-company, cloud based collaboration. Are you looking for...

Vulnerability in Azure AD Connect Could Allow Elevation of Privilege

Microsoft Security Advisory 4033453 Vulnerability in Azure AD Connect Could Allow Elevation of Privilege Published: June 27, 2017 Version: 1.0 Microsoft is releasing this security...