Introduction Upon successful authentication, Azure AD issues a signed JWT token (id token or access token). The resource application needs to know the public key of the certificate used sign the token in order to validate the token signature. Depending upon the type (OAuth2 or SAML Application) of the resource application, the steps to obtain the pubic key information are different. An OWIN asp.net application can throw the following error…
Read MoreHow to Update an Application Logo in Azure using AAD Graph
Introduction For branding purposes, you can customize the logo for your app registration. Normally, this is done manually through the portal: However, if you have a scenario where you have many tenants to update, this can be a very tedious process and so automation can come in handy. The purpose of this blog post is to show you how this can be updated via code. Since the endpoint requires a…
Read MoreAzure Active Directory reporting API with MS Graph
Introduction As documented here, the Microsoft Graph Reporting API can be used to get the audit logs (https://graph.microsoft.com/beta/auditLogs/directoryAudits) and the sign-ins reports (https://graph.microsoft.com/beta/auditLogs/signIns). The old reports endpoint using Azure AD Graph is now deprecated and attempting to use that legacy end point to get the auditEvents can result in the following error: GET https://graph.windows.net/<tenant>.onmicrosoft.com/reports/auditEvents?api-version=beta { “error”:{ “code”:”Deprecated_ActivityReports”,”message”:”This API is deprecated as part of old azure classic portal, please…
Read More