Why you should not put secrets in native applications
Explains why embedding secrets like API keys in native apps is a critical security flaw, with a practical demonstration.
Explains best practices for building secure multi-tenant Azure AD applications that restrict login to a specific set of known tenants.
Explains the OAuth Resource Owner Password Credentials (ROPC) grant flow in Azure AD, detailing its purpose and why it should be avoided in modern applications.
Explains security risks of wildcard reply URLs in MSAL.js and demonstrates a safer alternative using session storage for post-login redirects.
Compares using Azure AD groups vs. application roles for authorization, discussing pros, cons, and best practices for developers.
How to properly validate Azure AD tokens in a multitenant ASP.NET Core app using a custom issuer validator.
A technical guide on implementing Azure AD single sign-out in ASP.NET Core applications, explaining configuration and the SameSite cookie requirement.
Part 2 of a guide on implementing Azure AD authentication in ASP.NET Core APIs, covering custom permissions and multi-tenant configuration.
Summary of July 2018 updates to Azure AD Managed Service Identity, including new user-assigned identities and supported services.
A guide on using PowerShell to copy Office 365 user license configurations between accounts, addressing a common administrative challenge.
A technical guide on setting up Azure AD authentication for ASP.NET Core APIs, covering app registration, scope validation, and creating a test client.
Explains how to use Azure AD authentication and Managed Service Identity for secure, role-based access to Azure Storage Blobs and Queues.
Guide on using Azure AD Managed Service Identity with application permissions to securely call APIs without storing secrets.
Explains how to implement an opt-in calendar feature for an Azure AD v1 app by creating a separate app to manage delegated permissions.
A developer's guide to Azure AD v2 and MSAL, covering converged authentication, app registration, and OpenID Connect compliance.
Explores configuring multi-tenant Azure AD applications with chained API calls and cyclic dependencies, detailing setup and known client applications.
Explains the OAuth Device Code Flow in Azure AD for authenticating apps without a web browser, including how it works and a C# example.
A technical guide on implementing Azure AD's On-Behalf-Of token flow in an ASP.NET Core 2.0 API to securely call downstream services like Microsoft Graph.
Explains the Azure AD error AADSTS90094, detailing why it occurs when admin consent is missing for app permissions and how to resolve it.
A guide to defining delegated and application permissions (scopes and roles) for an app in Azure Active Directory using the application manifest.