Category Archives: Azure Active Directory

DevOps – Using Azure MSI with VSTS – step by step

Hi, Microsoft recently announced Azure Managed Service Identity (MSI) which in a nutshell, is a way to avoid storing credentials in code or in locations such as the web.config, the app service settings etc…thanks to an automatically provisoned Service Principal (bootstrap identity) … Continue reading

Posted in Azure, Azure Active Directory, Azure Key Vault | Tagged , , , | Leave a comment

DevOps trick – Provision Azure Active Directory Apps in a highly controlled way – step by step

Hi, Recently, I wrote a short blog post on how to provision Azure Active Directory (AAD) Apps in a highly controlled way, so I will not repeat all I said there, but it a nutshell, the idea is to make sure DevOps … Continue reading

Posted in Azure, Azure Active Directory | Tagged , , , | 1 Comment

DevOps trick – Provision Azure Active Directory Apps in a highly controlled way

Hi, Besides promoting a new collaboration mindset between development & operations, DevOps’ primary goal is to use tooling in order to reach continuous development as well as continuous deployment. As it implies a cultural change, it often cristalizes tensions between … Continue reading

Posted in Azure, Azure Active Directory | Tagged , , | 1 Comment

Implicit Grant flow and group membership within ID_TOKEN

Hi, I recently realized thanks to a colleague @MMeuree, that the ID_TOKEN that’s supposed to contain the group membership as shown below: does not list more than 4 groups (here I grabbed the token using another flow). So, if the user … Continue reading

Posted in Azure, Azure Active Directory | Tagged , , | Leave a comment

Transparent BOT authentication with Microsoft Teams

Hi, At the time of writing this blog post, the BOT framework is still in preview so things are subject to change! However, if you already played with it and tried to enable the Teams Channel for one of your BOTs, you’ll … Continue reading

Posted in Azure, Azure Active Directory | Tagged , , | Leave a comment

Microsoft BOT framework, transparent authentication with the webchat control

Hi, In this post, I will explain how you can transparently authenticate end users to a BOT whose the backend is hosted in Azure. I’m only covering the webchat channel and more particularly the webchat control that is available out … Continue reading

Posted in Azure, Azure Active Directory | Tagged | 25 Comments

Alternative to Azure AD Premium’s Azure AD Privileged Identity Management (PIM)

Hi, Azure AD Priviledged Identity Management aka PIM is a great set of features to control who can access what in an organization but this is part of Azure Active Directory Premium P2, which costs about 7 euros/month/user at the … Continue reading

Posted in Azure Active Directory | Tagged , | Leave a comment