This week Microsoft announced that Microsoft Entra Verified ID has moved from public preview to general release. This has been quite the journey with general release being postponed twice that I’m aware of. I’ve been actively following the development of it since I was first introduced to it at the Microsoft Most Valuable Professional (MVP) Summit in Redmond way back in March 2019.… keep reading
Recently I had a request to integrate Azure AD for SSO into SailPoint IdentityNow. And as weird as it sounds previously integrations had been either with Active Directory or other IDentity-as-a-Service Providers (IDaaS).
It shouldn’t be too hard. I had visited the Service Provider IdentityNow Administration configuration screen before.… keep reading
Update: 21 July '22 Our Identity for All hackathon submission was runner up finalist.
It’s only been four months since the last Microsoft Hackathon targeted at my area of expertise. And Microsoft are back with another one. This time it is the Microsoft Identity for All Hackathon again hosted by DevPost.… keep reading
Previously I have written a number of posts on interacting with Azure AD using the Microsoft Authentication Libraries (MSAL) and Python. This page here lists those posts along with a series using PowerShell. The Python related posts also detail decoding Azure AD access tokens with Python to determine when the access token will expire.… keep reading
Passwordless, are we there yet? Even though Passwordless means different things to different people, in my interpretation of user initiated password obsolescence I’ve minimised typing passwords as much as possible. In this post I’ll detail how.
Eliminating Password Use in the Enterprise
You don’t need to wait for your organisation to start promoting and urging you to go passwordless.… keep reading
This blog uses WordPress. Why WordPress? Well, it was the most prevalent platform when I started this blog back in 2016 and it was more powerful and extensible than Blogger which I had used previously. Anyway, that’s rather irrelevant for this post which about accessing WordPress APIs with PowerShell.… keep reading
I’ve authored numerous posts on using the Microsoft Authentication Libraries to connect to Microsoft Graph using PowerShell and Python. They cover using both public and confidential client methods. But what about a method that can be either? In this post I show how to use the Authorization Code with PKCE Flow and PowerShell to authenticate and authorize against Azure Active Directory for Microsoft Graph access.… keep reading
Proof Key for Code Exchange (PKCE) is a mechanism often used with an OAuth2 Authorization Code Grant flow to provide an enhanced level of security when authenticating to an Identity Provider such as Microsoft Graph to get an access token. In order to use PKCE a code_verifier is generated along with a code_challenge.… keep reading