Tag Archives: Azure Active Directory

DevOps – Using Azure MSI with VSTS – step by step

Hi, Microsoft recently announced Azure Managed Service Identity (MSI) which in a nutshell, is a way to avoid storing credentials in code or in locations such as the web.config, the app service settings etc…thanks to an automatically provisoned Service Principal (bootstrap identity) … Continue reading

Posted in Azure, Azure Active Directory, Azure Key Vault | Tagged , , , | Leave a comment

DevOps trick – Provision Azure Active Directory Apps in a highly controlled way – step by step

Hi, Recently, I wrote a short blog post on how to provision Azure Active Directory (AAD) Apps in a highly controlled way, so I will not repeat all I said there, but it a nutshell, the idea is to make sure DevOps … Continue reading

Posted in Azure, Azure Active Directory | Tagged , , , | Leave a comment

DevOps trick – Provision Azure Active Directory Apps in a highly controlled way

Hi, Besides promoting a new collaboration mindset between development & operations, DevOps’ primary goal is to use tooling in order to reach continuous development as well as continuous deployment. As it implies a cultural change, it often cristalizes tensions between … Continue reading

Posted in Azure, Azure Active Directory | Tagged , , | Leave a comment

Leveraging the Azure AD Proxy to consume on-prem APIs from an Azure Web Job using the Password Grant Type

Hi, When creating Azure AD Proxy Applications to expose on-prem WebAPIs, you have to do a few things such as: Installing the proxy connector on an on-prem server (that has access to the web api) Configuring KCD in order to … Continue reading

Posted in Azure Active Directory, Azure Active Directory Proxy | Tagged , | Leave a comment

Orchestrating access to Azure KeyVault

Hi, As you might know, Azure Key Vault is a set of repositories one can use to store key/value pairs of secrets, certificates etc. in order to facilitate the maintenance of this information. Key Vault comes with “Keys” and “Secrets” … Continue reading

Posted in Azure Active Directory, Azure Key Vault | Tagged , | Leave a comment

KeyVaultClientException: Operation “get” is not allowed

Hi, If you happen to encounter any security exception with keyvault, make sure you pay attention to how you grant access to the Azure Active Directory Application. To grant access to the application, make sure you grant it to the … Continue reading

Posted in Azure Active Directory | Tagged , | Leave a comment

Managing expiration of Azure Active Directory Application Client Secrets

Hi, As I am more and more using Azure Active Directory Applications to consume online services such as SharePoint Online, Yammer etc., I found myself annoyed with the duration of the client secrets. As you know, when creating an app … Continue reading

Posted in Azure Active Directory | Tagged , , | Leave a comment