Introduction I’ve tried to explain previously how to secure a backend api where I’ve used Azure functions to demonstrate how to protect it, but what if we’re not on Azure? I know you can run the A...
What does validate tokens mean in modern authentication?
Introduction An important rule when you deal with backend application like webapp or webapi is that you have to validate each token you receive but what does it mean? When we check the auth provid...
Play with multitier AAD applications
Introduction Now that we covered basics in the previous article, let’s go a step higher and build a multi-tiers application composed in our case with a frontend (Powershell console) and a backend ...
How to use modern authentication
Introduction I’m learning modern authentications since several months and I still learn new things every day! I’m super happy to publicly share what I’m doing on my free time and I hope it will he...
Another way to create Azure AD applications
Introduction I’m still enjoying learning AAD identity topics. In the previous articles, I’ve explained the differences between app registration and Enterprise app. Since I’ve started this learning...
Concrete passwordless Github pipeline with ARC for servers
Introduction In the previous article, I’ve explained what I did with ARC and this time, I’ve wanted to go deeper. Few month ago, I’ve played with Azure DevOps (AzDO). You can find my shift left mi...
Passwordless deployment from anywhere with Azure ARC
Introduction Instead of re-inventing the wheel, I will simply paste this definition that I’ve found in the Azure ARC overview. “Azure Arc enables you to manage your entire environment, with a sing...
Add roles to an Azure function?
Introduction Following the previous post where I’ve enabled OAUth on an azure function with easy auth, few minutes after I had another idea… The problem? I have no idea if it’s stupid or if it’s a...
How can I better protect my Azure functions with OAuth?
Introduction Following a question from Stefan Stranger, it seems there is not a lot of documentation on the subject. The goal here will be to simply enable OAUth on top of an app service plan with...
Deep dive into modern application
Introduction At the beginning, I’ve wanted to talk about what an application is and how to create it in a single article. Then I’ve started to realize that it’s maybe not a good idea… So, let’s st...