A customer recently asked me how to set up authorization so they could authorize a service principal calling their API using AzureAD groups. Here is
Category: Azure Active Directory
How to retrieve the trigger URL for an Azure Logic App programmatically via a service principal
A customer asked me how to get the trigger URL (including SAS token) that is displayed in the Azure portal programmatically via a service principal.
How to automatically rotate Azure AD app registration client secrets using Azure Functions (with Java) and Key Vault
A very common requirement is to change secrets regularly (such as on a schedule or if they are exposed). Azure AD app registrations can have
How to set up alerts when a user uses Azure Privileged Identity Management to activate Global Administrator (or any other role)
Azure provides a large number of role-based access control (RBAC) roles to provide fine-grained access to both Azure & Azure AD. It is best practice
How to expose a legacy API (with a legacy authentication system) using Azure API Management policies
My GitHub repo shows you how to call a custom “token” API endpoint programmatically as part of an Azure API Management policy for a different operation. In
How to call Key Vault from both an onprem server & an Azure App Service using .NET Framework & .NET Core
My GitHub repo shows how to retrieve secrets stored in an Azure Key Vault using a .NET Framework & .NET Core application. It demonstrates both
How to use Azure API Management Policies to log the calling client Azure AD application
My GitHub repo shows you how to build a simple web app that has a user interactively sign-in and then call an API protected via
How to use an Azure Function to regenerate or set the primary & secondary keys of an Azure API Management (APIM) subscription programmatically.
In my GitHub repo, I want to programmatically change the API Management subscription key. APIM doesn’t have a built-in way to rotate keys on a
How to implement a “backend-for-frontend” pattern for protecting an API subscription key when using a Single Page App (React).
My GitHub repo shows how to how to implement a “backend-for-frontend” pattern for protecting an API subscription key when using a Single Page App (React).
How to set up hybrid cloud to on-premises authentication using Azure AD App Proxy & Kerberos
My GitHub repo is a demo implementation of the hybrid cloud to on-premises setup for Azure AD App Proxy. Architecture Deployment instructions In general, follow the instructions