Understanding Azure AD token signing certificate (kid)

Introduction Upon successful authentication, Azure AD issues a signed JWT token (id token or access token). The resource application needs to know the public key of the certificate used sign the token in order to validate the token signature. Depending upon the type (OAuth2 or SAML Application) of the resource application, the steps to obtain the pubic key information are different. An OWIN asp.net application can throw the following error…

Read More

How to Create and Add Keys to Enterprise Applications for Expired Keys

Introduction This article is broken up into a couple of different sections based on what you are trying to do. Trying to modify the service principals credentials typically is meant for accessing an application that is multi-tenanted and the client secret has expired and they need a fix to resolve a wide outage due to an expired client secret. This typically has to do with a key expiring, many people…

Read More

Changing an existing Native Application to a Web App/API to get existing keys

Introduction   This article is meant to help get the keys from your native application. We used to show the keys in native applications however we took out that feature because the native application is not meant to have keys/secrets. As a result some people have had keys/secrets with their native applications however they currently still use those keys/secrets. This article is to help those people in order to get…

Read More