darrenjrobinson – Bespoke Identity and Access Management Solutions
Enterprise Microsoft and SailPoint Identity & Access Management Architect
Previously I’ve written about using MSAL and PowerShell with Application Permissions and Client Credentials and Certificate based authentication. Also with Delegated Permissions and Device Code flow authentication. The one I haven’t written a post on is performing interactive authentication to Microsoft Graph using MSAL with PowerShell and Delegated Permissions.… keep reading
In October last year I authored this post that provided a getting started guide to using MSAL with PowerShell. That post also hinted at future posts expanding on additional functionality. Finally, I’m delivering on that with this post that will dive into using MSAL with PowerShell and delegated permissions.… keep reading
Update 9 July 2020: This post details using MSAL with PowerShell for Azure AD Registered Applications with Application Permissions. See this post for using MSAL with PowerShell for Azure AD Registered Applications with Delegated Permissions. See this post for using MSAL with PowerShell for Azure AD Registered Applications using Application Permissions with Certificate based authentication.… keep reading
Recently I entered my second Hackathon. My submission was my first ever Web Application for the Devpost / Microsoft Graph Security Hackathon. This morning (Australian time) the winners were announced and ……. I WON.
To say I’m thrilled and honoured would be an understatement as the hackathon was judged by the esteemed Ann Johnson, Scott Hanselman, Troy Hunt, Rick Howard, Mark Russinovich and Olli Vanhoja.… keep reading
Late in 2018 it came to my attention new functionality with the Microsoft Graph API for batching API requests into a single request. As I predominantly use PowerShell for scripting into Microsoft Graph parallel requests historically required extra functions to achieve something similar.… keep reading
What we know today as the Microsoft Graph has evolved over the last few years from a number of different API’s that were developed by different product teams within Microsoft (e.g Azure AD, Office 365, Outlook). That doesn’t mean the old ones have gone away, but it does mean that we can connect to the Microsoft Graph API and leverage the API’s we used to interface with independently.… keep reading
Update: Oct 30 '18 Also see this post that adds support for Microsoft's updates to the Microsoft Graph to include additional information about Azure AD B2B Guest users.
Earlier this year Microsoft released the Microsoft Identity Manager Azure AD B2B Management Agent.… keep reading
UPDATE: August 2018 As promised below I've finally written up my Azure AD B2B Invitation Management Agent. You can find it in this post here. UPDATE: June 2018 When I originally wrote this post the intent was to test the ability of the Graph MA to export to Azure AD.… keep reading
At the end of last week (14 Sept 2017) Microsoft announced a new Azure Active Directory feature – Managed Service Identity. Managed Service Identity helps solve the chicken and egg bootstrap problem of needing credentials to connect to the Azure Key Vault to retrieve credentials.… keep reading
Update: Dec 20 2018. See this post that details the changes to the Azure AD Reports and Events Rest API.
Hybrid Reporting is a great little feature of Microsoft Identity Manager. A small agent installed on the MIM Sync Server will send reporting data to Azure for MIM SSPR and MIM Group activities.… keep reading