Introduction: This post builds on the information from the previous post and I will assume that you already have an Azure Key Vault, an AAD Application registration, and a certificate file. We will cover the following steps in this blog in order to use a certificate from an Azure Function App: Create an Azure Function App Upload the certificate to the Function App Configure the Function App to load certificate…
Read MoreWalkthrough: how to retrieve an Azure Key Vault secret from a console app using client credentials flow with certificate
Introduction This is a code walkthrough to show you how to create a .Net console application to authenticate to Azure Active Directory using OAuth2 Client Credentials flow to get an access token to Azure Key Vault. It then uses the access token to call Azure Key Vault to get a secret. The following steps will be performed in this post: Create an Azure Key Vault Create a new self-signed certificate…
Read MoreTesting B2C Resource Owner Password Credentials ( ROPC ) policies using PostMan
Below are the basic steps for using PostMan to test a B2C Resource Owner Password Credentials ( ROPC ) policy. You will need a set of user credentials along with a Application ID of a B2C Native application that will be used to retrieve the token. Obtain the token endpoint from the B2C ROPC Policy 1. In the portal, locate the B2C blades by searching for B2C, then locate the…
Read MoreHow to change a display Name of a registered application from another application
Introduction: This post will show you to change a displayName of a registered web application from another application using client credentials flow with Application Permission Walk Through steps: 1) In Azure AD’s App Registration portal, create 2 new app registrations called TestAppA and TestAppB. We will use TestAppA to change the display Name of TestAppB. It is not important what permission you configure for TestAppB. For TestAppA make sure you…
Read MoreQuery String is not allowed in redirect_uri for Azure AD
Problem: See update at the end. This is no longer an issue. Customer configures the following redirect URLs for his registered application in Azure AD and issues the following request to authenticate to Azure AD: GET https://login.microsoftonline.com/<tenant id>/oauth2/authorize?client_id=<app id>&redirect_uri=https%3a%2f%2flocalhost%3a44396%2fbac%2faad%3freqId%3dA123&response_mode=form_post&…. After logging in he is redirected to https://localhost:44396/bac/aad instead of https://localhost:44396/bac/aad?reqId=A123. The redirected URL does not have anything after the query string. Root Cause: The behavior is by design. This is…
Read MoreChanging an existing Native Application to a Web App/API to get existing keys
Introduction This article is meant to help get the keys from your native application. We used to show the keys in native applications however we took out that feature because the native application is not meant to have keys/secrets. As a result some people have had keys/secrets with their native applications however they currently still use those keys/secrets. This article is to help those people in order to get…
Read More