Decentralised Identity is a technology I’m passionate about; I have written many posts and tools on it and participated in hackathons. Microsoft’s Entra Verified ID solution is an offering I’ve been a part of from the early previews. It can be time-consuming setting up and getting all the configuration items correct.… keep reading
Entra ID Tenant ID & Custom Domains PowerShell Module
Buried in my PowerShell Snippets Vol 4 post from 2021 is the PowerShell script and a link to a PowerShell Module I authored named AzureADTenantID. Its sole purpose was to take a domain name (e.g., darrenjrobinson.com), look it up and return any associated Azure AD (now Entra ID) TenantID.… keep reading
Goodbye Azure AD, Hello Entra ID
Today Microsoft made big announcements about its Microsoft Entra suite of identity and security products and capabilities. The Microsoft Entra suite is expanding into Security Service Edge and Azure Active Directory (Azure AD) is becoming Microsoft Entra ID. Azure Active Directory as a name is now earmarked for the history books and Entra ID is born.… keep reading
Using Azure AD for SSO into SailPoint IdentityNow
Recently I had a request to integrate Azure AD for SSO into SailPoint IdentityNow. And as weird as it sounds, previous integrations had been either with Active Directory or other Identity-as-a-Service Providers (IDaaS).
It shouldn’t be too hard. I had visited the Service Provider IdentityNow Administration configuration screen before.… keep reading
Token Binding with Verifiable Credentials
Update: 21 July '22 Our Identity for All hackathon submission was a runner-up finalist.
It’s only been four months since the last Microsoft Hackathon targeted at my area of expertise. And Microsoft are back with another one. This time it is the Microsoft Identity for All Hackathon again hosted by DevPost.… keep reading
Decentralized Identity of Things
Update: 11 Feb '22 Our Decentralized Identity of Things submission to the Microsoft Decentralized Identity Hackathon has won the hackathon.
It has been some time since I have entered a hackathon so it was awesome to enter once again, but also as part of a team.… keep reading
Connecting to Microsoft Graph using the Authorization Code with PKCE Flow and PowerShell
I’ve authored numerous posts on using the Microsoft Authentication Libraries to connect to Microsoft Graph using PowerShell and Python. They cover using both public and confidential client methods. But what about a method that can be either? In this post I show how to use the Authorization Code with PKCE Flow and PowerShell to authenticate and authorize against Azure Active Directory for Microsoft Graph access.… keep reading
Generating PKCE codes with PowerShell
Proof Key for Code Exchange (PKCE) is a mechanism often used with an OAuth2 Authorization Code Grant flow to provide an enhanced level of security when authenticating to an Identity Provider such as Microsoft Graph to get an access token. In order to use PKCE a code_verifier is generated along with a code_challenge.… keep reading
What does your Azure AD FIDO2 Passwordless Credential look like?
I’m curious. I often think, how does that work? Or why does it behave like that? We are well into the journey towards Passwordless adoption and I’ve spoken and posted about aspects of it before. Always a good place to start are the standards.… keep reading
Azure AD User Account Federation Report
Which Azure AD Tenants is my user account federated to? More specifically, in which Azure Active Directory Tenants do I have an Azure Active Directory B2B Guest Account? Is there a way I can quickly get an Azure AD User Account Federation Report?… keep reading