Azure - Gowtham K

Securely Access SharePoint Files Using CSOM, MSAL, and Microsoft Entra ID

Introduction: In recent years, Microsoft Entra ID has moved away from legacy service account and username/password-based authentication patterns for SharePoint access. These older approaches are no longer recommended because they…

MS ENTRA ID PROTECTED WEB API – JWT Token Validation with MSAL & Testing with Postman

Introduction: This article provides a comprehensive, step-by-step guide for the API project – an ASP.NET Core 8.0 Web API that is protected by Microsoft EntraID (formerly Azure Active Directory) using…

Testing Azure API Management with DefaultAzureCredential: An Integration Testing Approach

Introduction: In modern cloud-native applications, securing APIs is paramount. Azure API Management (APIM) provides a robust platform for managing and securing APIs, and when combined with Azure Entra ID (formerly…

Extend Azure AD B2C claim enrichment: call the Function App only for a specific client

Introduction: In my previous article, I showed how to enrich tokens in Azure AD B2C by calling an Azure Function App during sign-in: https://gowthamcbe.com/2023/12/20/azure-ad-b2c-custom-policy-custom-claim-token-enrichment/ In this follow-up post, I’ll extend…

Azure
B2C

Azure AD B2C Custom Policy: Forcing Password Reset on First Login

Introduction: When working with Azure AD B2C, there are scenarios where users must reset their password upon their first sign-in, especially when passwords are either admin reset or auto-generated during…

Building a .NET 8 Web API Secured with Microsoft Entra ID and a Blazor App

Introduction: Secure authentication and authorization mechanisms are essential in modern application development. Microsoft Entra ID (formerly Azure AD) provides a powerful and scalable identity platform that integrates seamlessly with .NET….

Configure Azure AD B2C as a Social IDP for Oracle OCI

Introduction: Oracle Cloud Infrastructure (OCI) is Oracle’s comprehensive suite of cloud services, designed to support modern enterprise applications with high performance, reliability, and security. Built with robust architecture, OCI provides…

Email Notification for Entra ID Application Secret Key Expiry

Introduction: Azure doesn’t have a feature to send an alert to the Entra ID application users whenever the secret is about to expire out of the box.This article explains how…

Azure Key Vault with Managed Identity

Introduction: Azure Key Vault Azure Key Vault is a cloud service provided by Microsoft Azure that allows you to securely manage and store sensitive information such as secrets, keys, and…

Azure
B2C

Azure AD B2C Custom Policy – Multi-Factor Authentication (TOTP- Authentication App)

Introduction: Multi-factor authentication (MFA) is a security mechanism that requires users to verify their identity using multiple factors before gaining access to an account or system. These factors typically include something…