Azure Content Spotlight – New Azure Security Features Overview

Welcome to another Azure Content Spotlight! These articles are used to highlight items in Azure that could be more visible to the Azure community. At Ignite, a lot of new Azure Security features are announced. In this weeks content spotlight I’m going to highlight most of them: Overview of what’s new in Azure Information Protection Overview of what’s…

0

Working with identity in .NET Core 2.0

Last year I did a quick code sample on how to use identity in .NET Core (1.x): https://contos.io/protecting-a-net-core-api-with-azure-active-directory-59bbcd5b3429 Time flies, and just weeks ago I showed how fun/frustrating it can get when we want to secure a SPA with a .NET Core 2.0 back-end: https://blogs.msdn.microsoft.com/azuredev/2017/09/22/protecting-a-net-core-2-0-spa-with-adfs/ As I stated along with the most recent code snippet…

2

DevOps – Using Azure MSI with VSTS – step by step

Hi,   Microsoft recently announced Azure Managed Service Identity (MSI) which in a nutshell, is a way to avoid storing credentials in code or in locations such as the web.config, the app service settings etc…thanks to an automatically provisioned Service Principal (bootstrap identity) that you can leverage using the App Service (or other components supporting MSI). As…


Protecting a .NET Core 2.0 SPA with ADFS

Today’s identity-related pop quiz: How do you secure a SinglePageApp (SPA) with a .NET Core back-end using ADFS? If you said “there’s probably an official sample for that over at docs.microsoft.com” you’d not be entirely right. Oh, there’s samples, but if you implied “working sample” I dare you to come up with it 🙂 (Well,…

2

DevOps trick – Provision Azure Active Directory Apps in a highly controlled way

Hi, Besides promoting a new collaboration mindset between development & operations, DevOps’ primary goal is to use tooling in order to reach continuous development as well as continuous deployment. As it implies a cultural change, it often cristalizes tensions between the involved stakeholders but I’m not gonna debate about its current effectivness and reality within…

6

Using ADFS as an Identity Provider for Azure AD B2C

Using Azure AD B2C with “regular” Azure AD enabled some new and useful scenarios. Let’s take logins further along the same track while we are at it. To not repeat myself I will assume you have at least skimmed through the previous article: https://blogs.msdn.microsoft.com/azuredev/2017/05/30/azure-ad-b2c-kicking-it-up-a-notch-with-support-for-aad-as-idp/ The integration between B2C and AAD is done through the support…

1

Azure Content Spotlight – Azure Active Directory v2 Endpoint

Welcome to another Azure Content Spotlight! These articles are used to highlight items in Azure that could be more visible to the Azure community. This week’s content spotlight is about the Azure Active Directory v2 endpoint. Cloud and mobile applications have different sign-in requirements than traditional on-premises applications. The Microsoft Azure Active Directory v2 endpoint provides…

2

Azure AD B2C – Kicking it up a notch with support for AAD as IdP

I have mentioned AAD B2C before, and it should be your go-to feature if you want to have users logging in to your apps with their “social” identity. Like all Azure services B2C also evolves, and there happens to be a newly released feature I would like to highlight 🙂 While B2C covers the big…