How to Provision an Azure SQL Database With Active Directory Authentication

In this article, we will talk about how to provision an Azure SQL Database with authentication restricted to Active Directory users/groups/applications. We will use Pulumi to do that.

Why This Article?

In a previous article, I already talked about connecting to an Azure SQL Database using Azure Active Directory authentication. However, my focus was on querying an Azure SQL Database from C# code (from an ASP.NET 6 Minimal API that was using Microsoft.Data.SqlClient "Active Directory Default" authentication mode, to be more precise), and not on the configuration of the Azure AD authentication itself.

Azure File AD Integration

Today I am going to show you how to perform Azure File AD integration in a simplified way. I hope you will enjoy this blog like my previous one. 

Let's understand the Azure File role. It works as a Distributed File System (DFS), which means I can share folders/files with multiple clients at the same time. The client computer has to map the drive and start sharing the data within the team through it.

Configuring Anypoint Platform as an Azure AD Service Provider SSO

Configure the Anypoint platform to use Azure AD as an external identity provider (IDP), including Single Sign-on (SSO) and the mapping of Azure AD groups to Anypoint platform roles and role groups.

This article covers the basics of incorporating Azure AD as an external identity provider for the Anypoint platform. It will also help you set up the basic integration and SSO between Azure AD and the Anypoint platform.

Before we start, keep in mind that the Relying Party Trust will need to be created manually as we do not provide a metadata file (nor is its use supported). 

Securing Open Liberty Applications With Azure Active Directory via OpenID Connect

Long gone are the days when you had to create your own user account management, authentication, and authorization for your web-delivered software. Instead, contemporary applications leverage these functions (Identity and Access Management, IAM for short) from an external provider. As a full-featured Java application runtime, Open Liberty has great options for externally provided IAM. Open Liberty supports IAM mainstays such as social media login, SAML and OpenID Connect. In Bruce Tiffany's blog post "Securing Open Liberty apps and micro-services with MicroProfile JWT and Social Media login", you have a solid example of how to use the Open Liberty social media login feature to authenticate users using their existing social media credentials. In this blog post, let's take a look at another example of how to configure the Liberty social login feature as an OpenID Connect client to secure Java applications with Azure Active Directory.

The code used in this blog post is hosted on this GitHub repository as part of the official Azure samples - feel free to check it out and follow its user guide to run the Java EE demo application before or after reading this blog.

Authorization Approach for Multiple Web API Providers

Azure Active Directory (Azure AD) is a popular enterprise identity service used by many organizations for enabling single sign-on for applications and protecting their web APIs.

Version 2.0 of the Microsoft Identity platform (aka Azure AD) is the latest and improved implementation of OpenID Connect (OIDC)-based authentication and OAuth 2.0 authorization flows.