Security with API: OAuth, token-based access vs key-based access

Let’s consider security with APIs, i.e how to securely identify the caller. There are two authentication methods quite popular in the cloud to secure APIs: Key-based access OAuth, or token-based access in general Let’s compare them. Key-Based By key-based we mean an authentication scheme where we do pass a key to the API request. That … More Security with API: OAuth, token-based access vs key-based access

Azure Functions HTTP – Authorization Levels

In a past article, we looked at Serverless compute in Azure in general and Azure Functions specifically. In this article we wanted to focus on Azure Function triggered by HTTP requests and the different options we have to authenticate: Anonymous Function Admin System User Those are called Authorization Levels.  For each function in a function … More Azure Functions HTTP – Authorization Levels

Managing Azure AD Application members in Portal

One of Azure AD’s powerful concept is the application.  It gives context to an authentication as we explained in this article. An application can also be used as an authorization barrier since we can manage an application members.  This is optional as by default, everyone in a tenant has access to its application.  But if … More Managing Azure AD Application members in Portal

Automating Azure AD

In the previous article, we explored how to interact (read / write) to an Azure AD tenant using Microsoft Graph API. In the article before that, we looked at how to authenticate a user without using Azure AD web flow. Those were motivated by a specific scenario:  replacing a LDAP server by Azure AD while … More Automating Azure AD

Using Microsoft Graph API to interact with Azure AD

In my last article, I showed how to authenticate on Azure AD using a user name / password without using the native web flow. The underlying scenario was to migrate an application using an LDAP server by leveraging an Azure AD tenant. The logical continuation of that scenario is to use the Microsoft Graph API … More Using Microsoft Graph API to interact with Azure AD

Joining an ARM Linux VM to AAD Domain Services

Active Directory is one of the most popular domain controller / LDAP server around. In Azure we have Azure Active Directory (AAD).  Despite the name, AAD isn’t just a multi-tenant AD.  It is built for the cloud. Sometimes though, it is useful to have a traditional domain controller…  in the cloud.  Typically this is with … More Joining an ARM Linux VM to AAD Domain Services