Azure Content Spotlight – Password-less Sign-in to Azure & Windows 10

Welcome to another Azure Content Spotlight! These articles are used to highlight items in Azure that could be more visible to the Azure community. Microsoft has made a huge step in their drive to eliminate passwords for good! In the next Windows updates, their adding a limited preview of FIDO2 security key support. This will improve security significantly…

2

Assisted Login Using the OAuth Deviceprofile Flow

Have you ever tried to deal with logging in on an input-constrained device, and thought it wasn’t as easy as you wanted it to be? (Hence the term “constrained”…) There could be any number of devices where it is either a hassle to enter long passwords, or no option at all for that matter. This…

1

Azure Content Spotlight – New Release Notes for Azure Active Directory

Welcome to another Azure Content Spotlight! These articles are used to highlight items in Azure that could be more visible to the Azure community. Microsoft comes up with a new model for publishing detailed release notes and the first set has gone live last week. With this new publishing model for new Azure AD feature releases and plan-for-change communications,…

1

Azure Content Spotlight – New Azure Security Features Overview

Welcome to another Azure Content Spotlight! These articles are used to highlight items in Azure that could be more visible to the Azure community. At Ignite, a lot of new Azure Security features are announced. In this weeks content spotlight I’m going to highlight most of them: Overview of what’s new in Azure Information Protection Overview of what’s…

0

Working with identity in .NET Core 2.0

Last year I did a quick code sample on how to use identity in .NET Core (1.x): https://contos.io/protecting-a-net-core-api-with-azure-active-directory-59bbcd5b3429 Time flies, and just weeks ago I showed how fun/frustrating it can get when we want to secure a SPA with a .NET Core 2.0 back-end: https://blogs.msdn.microsoft.com/azuredev/2017/09/22/protecting-a-net-core-2-0-spa-with-adfs/ As I stated along with the most recent code snippet…

2

DevOps – Using Azure MSI with VSTS – step by step

Hi, [Update]: I have released a custom extension doing all of this on the marketplace. https://marketplace.visualstudio.com/items?itemName=stephane-eyskens.aadv1appprovisioning Microsoft recently announced Azure Managed Service Identity (MSI) which in a nutshell, is a way to avoid storing credentials in code or in locations such as the web.config, the app service settings etc…thanks to an automatically provisioned Service Principal (bootstrap identity) that…


Protecting a .NET Core 2.0 SPA with ADFS

Today’s identity-related pop quiz: How do you secure a SinglePageApp (SPA) with a .NET Core back-end using ADFS? If you said “there’s probably an official sample for that over at docs.microsoft.com” you’d not be entirely right. Oh, there’s samples, but if you implied “working sample” I dare you to come up with it 🙂 (Well,…

2

DevOps trick – Provision Azure Active Directory Apps in a highly controlled way

Hi, Besides promoting a new collaboration mindset between development & operations, DevOps’ primary goal is to use tooling in order to reach continuous development as well as continuous deployment. As it implies a cultural change, it often cristalizes tensions between the involved stakeholders but I’m not gonna debate about its current effectivness and reality within…

6