𝐇𝐨𝐰 𝐝𝐨 𝐲𝐨𝐮 𝐞𝐧𝐬𝐮𝐫𝐞 𝐜𝐨𝐦𝐩𝐥𝐢𝐚𝐧𝐜𝐞 𝐚𝐧𝐝 𝐚𝐮𝐝𝐢𝐭𝐚𝐛𝐢𝐥𝐢𝐭𝐲 𝐰𝐡𝐞𝐧 𝐦𝐚𝐧𝐚𝐠𝐢𝐧𝐠 𝐒𝐞𝐫𝐯𝐢𝐜𝐞 𝐏𝐫𝐢𝐧𝐜𝐢𝐩𝐚𝐥𝐬 𝐚𝐧𝐝 𝐒𝐒𝐎 𝐚𝐩𝐩𝐥𝐢𝐜𝐚𝐭𝐢𝐨𝐧𝐬 𝐢𝐧 𝐌𝐢𝐜𝐫𝐨𝐬𝐨𝐟𝐭 𝐄𝐧𝐭𝐫𝐚 𝐈𝐃?

My proposal with Backstage & Maester
#EntraID #IAM #DigitalIdentity

𝐏𝐚𝐫𝐭𝐧𝐞𝐫 𝐯𝐬 𝐂𝐮𝐬𝐭𝐨𝐦𝐞𝐫:
👉 Social Federation (Apple ID) vs Workforce Federation (Okta).
👉 Different levels of compliance and security.
👉 Different business owners and processes - but maybe the same tools and applications.
👉 Different SLA.

👉 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐢𝐬𝐧'𝐭 𝐣𝐮𝐬𝐭 𝐚𝐛𝐨𝐮𝐭 𝐡𝐚𝐯𝐢𝐧𝐠 𝐬𝐭𝐫𝐨𝐧𝐠 𝐩𝐚𝐬𝐬𝐰𝐨𝐫𝐝𝐬...

It's about understanding your users, risk profile, and regulatory requirements to implement the RIGHT security measures for each context.
And you? Do you use similar authentication/authorization methods like on the screen?

What is the best tool to review public Entra ID Tenant data?

For me: AADInternals OSINT (site & PowerShell module)

We can get complete details about the tenant, including:
👉 Tenant ID
👉 Tenant Name (onmicrosoft domain)
👉 Domains (all domains connected with tenant)
👉 Brand name

#EntraID

Do you need to meet complicated password requirements?
Feel free to use a 60-character password.

PS> To improve security, I pasted it as a picture!

💡 𝐌𝐲 𝐄𝐧𝐭𝐫𝐚 𝐄𝐱𝐭𝐞𝐫𝐧𝐚𝐥 𝐈𝐃 𝐀𝐫𝐜𝐡𝐢𝐭𝐞𝐜𝐭𝐮𝐫𝐞 💡

I recommend a couple of components:
👉 Management API.
👉 User Flows & Customization.
👉 Entra ID as Code.
👉 Profile as a central place to manage user details.
👉 My demo application: Portal.

🏷️ Extra: Verified ID for External ID tenant
#EntraID #CIAM

A friendly reminder ;)
👉 Use Fido2 keys
👉 Use software passkey with your password managers
👉 Verifiable Credentials can also be used as a passwordless method
🚀 Passwordless is easier to use than complex long password

I checked my bank account history three times. The wire was not provided to me ;)

Link: www.ft.com/content/9921...

👉Blog Post Alert

Discover how token enrichment can streamline your customer authentication processes and enhance security.
Explore how the Identity Platform can support your business needs and unlock new possibilities.

🚀I stopped using Visio, and other tools for:

👉 Big Picture diagrams
👉 Sequence Diagrams

And moved to PlantUML, creating all diagrams as code.

And you?

Simple & Amazing tool to stress your HTTP
github.com/codesenberg/...

PS> Are you ready to return 429 status code 🤔

Entra ID vs Entra External ID

👉Do you know that there are two different tenant types?
👉Do you know that there is a dedicated tenant for your customers? Were you fully separated from your organization?
#IAM #CIAM #EntraID

Magic Link? Three facts about:
#authentication #authorization #digitalidentity

💡 With Verifiable Credentials

👉 a full authorization flow for payments (I created a Factorlabs Bank Demo to show you the Business Case 🪙

👉also authorize access (also physical access) as a security guard 🤵

Do you have any scenario with authentication and/or authorization scenarios?

My favourite 'Cost analysis' view is Group by resource with the Daily Granuariry:
- My workloads are 'stable' I don't have picks so monthly prediction can be based on a daily consumption
- Based on the diagram I can decide and move to another resource type to limit the cost of the solution

Need a Morse Code Translator?
Check morsecodetranslator.com also there is a GitHub repository :)
github.com/ozdemirburak...

Build your own Morse Translator 🥸

#ItCanBeFun

Blog Post Alert!

mjendza.net/post/ai-as-d...

This post will summarise my notes on how I use AI daily as a software developer.

PS> I’m not an AI expert; I’m only a user of AI tools, which are helping me with the software development process.