- Home>
- MSAL
Tag Archives for " MSAL "
Common frameworks, libraries and design patterns I use
Published April 1, 2022
in .NET core
, Angular
, Architecture
, Azure
, Azure Active Directory
, Azure ADB2C
, Design Patterns
, OAuth2
, OpenID Connect
In this short post, I share some of the core frameworks, libraries and design patterns I worked with on a regular basis.
Continue reading
Tags:
bootstrap
, clean architecture
, CQRS
, dapper
, entity framework core
, MSAL
, msal angular
, oidc-client-js
Authenticate against azure ad using certificate in a client credentials flow
Published November 13, 2021
in .NET
, .NET core
, ASP.NET core
, Azure
, Azure Active Directory
, OAuth2
, OpenID Connect
, security
I have an API which needs to authenticate against azure ad to obtain an access token for calling another downstream API. When registering an application in azure AD for the caller API, I could either setup a shared secret or a certificate for the API to use as part of its credentials in a client credentials flow . In the past, I had always used a shared secret as it was more convenient and easier to setup. However, using certificate provides stronger security. After spending a few hours of googling and hacking, I was able to setup and use a certificate instead of a shared secret as credentials for the caller API to authenticate against azure AD.
Continue readingUsing OAuth2 Client Credentials grant type in Azure ADB2C
In the past, I worked on a project in which we had had to registered applications in both regular azure AD and azure ADB2C tenants just because OAuth2 Client Credentials grant type was not supported in Azure ADB2C. However, I recently learned that it is now possible to use the grant type to obtain an access token for an app in azure ADB2C.
OIDC implicit flow in angular with MSAL for angular, Microsoft Identity Platform (v2.0) and Azure AD.
Published July 13, 2019
in Angular
, Azure
, Azure Active Directory
, OAuth2
, OpenID Connect
, security
In this post, I share my experience about doing OpenID Connect (OIDC) implicit flow using Microsoft Authentication library (MSAL) for Angular, Microsoft Identity Platform (v2.0), and Azure AD. This post is part of the blog post series in which I cover implementing OIDC flows to protect as system that consists of an angular front-end application and asp.net core web apis. In the previous post, I give a high level overview of the technologies involved in protecting such a system.
Protecting angular and ASP.NET core applications – An Overview.
In this and upcoming blog posts, I’ll be talking about integrating Azure Active Directory (AAD) and leveraging open source libraries to protect a system consisting of an angular application and ASP.NET core web apis.
In this post, I just want to give a high level overview of the setup and the technologies involved in securing such as system. As such, I likely gloss over some of the points. In subsequent posts, I’ll cover the specific parts in more details.