Modernizing application authentication away from #MicrosoftAD to Microsoft #EntraID, or extending Entra ID to on-premises apps requires extensive, expensive, and time-consuming rewrites. What if you didn't have to rewrite every app that relies on AD, though? Strata Identity's Maverics Identity Orchestration Platform acts as a proxy that supports any modern identity provider (IDP) to authenticate and authorize users. Plus, it can support multiple concurrent IDPs, which means it can be configured to authenticate users differently based on who they are or where they are located.
Aaron Bouhall’s Post
More Relevant Posts
-
Secure(and easy) solution for authentication (signing-in users) and authorization (providing access to secure data and resources) in Azure App Service and Azure Functions with Microsoft Entra External ID! #microsoftidentity #entra #entraexternalid
Easy authentication with Azure App Service and Microsoft Entra External ID | Microsoft Entra Identity Platform
https://devblogs.microsoft.com/identity
-
General Availability - Just-in-time application access with PIM for Groups https://lnkd.in/gW8zSWVp Provide just-in-time access to non-Microsoft applications such as AWS & GCP. This capability integrates PIM for groups, and application provisioning to reduce the activation time from 40+ minutes to roughly 2 minutes when requesting just-in-time access to a role in a non-Microsoft app.
What's new? Release notes - Microsoft Entra
learn.microsoft.com
-
📢Public Preview 👉 OpenID Connect in Microsoft Entra External ID With a few simple steps you connect your OIDC with Entra External Id: 1️⃣ Register Entra app with settings and redirect URLs. 2️⃣ Obtain client ID, credential, and endpoint details. 3️⃣ Link token claims with user attributes for account creation. 4️⃣ Add identity provider and activate in user flow settings. This allows you to easily implement solutions like itsme® in your external identity flow. If you're an ISV you should really check this out Learn more 👉https://lnkd.in/dap3964z
Announcing the Public Preview of OpenID Connect external identity provider support for Microsoft Entra External ID | Microsoft Entra Identity Platform
https://devblogs.microsoft.com/identity
-
#OpenIDConnect “…Federate with government and citizen identity providers: Establish secure authentication with government and citizen identity providers….” https://lnkd.in/e7CJRCSN Towards a national identity strategy. Four key priorities for government transformation; - enhance #security in support of digital government transformation - simplified user access #sso - standardise #authorization cross service providers - #developer convenience in the transition to modernised digital government operations and application development
📢Public Preview 👉 OpenID Connect in Microsoft Entra External ID With a few simple steps you connect your OIDC with Entra External Id: 1️⃣ Register Entra app with settings and redirect URLs. 2️⃣ Obtain client ID, credential, and endpoint details. 3️⃣ Link token claims with user attributes for account creation. 4️⃣ Add identity provider and activate in user flow settings. This allows you to easily implement solutions like itsme® in your external identity flow. If you're an ISV you should really check this out Learn more 👉https://lnkd.in/dap3964z
Announcing the Public Preview of OpenID Connect external identity provider support for Microsoft Entra External ID | Microsoft Entra Identity Platform
https://devblogs.microsoft.com/identity
-
Seeking a role in sustainability | Cross-functional product leader with 20 years of technical project design and delivery experience
Learn how to add #authentication to your customer facing #Azure #AppService apps in minutes with #Microsoft #Entra #ExternalID #CustomerIdentity #CIAM #Identity #IdentityManagement #DeveloperExperience #DevEx
Easy authentication with Azure App Service and Microsoft Entra External ID | Microsoft Entra Identity Platform
https://devblogs.microsoft.com/identity
-
IT Cybersecurity Director | Tecnology Executive | Security Strategy and Digital transformation - Security Architecture & Operations | Cloud Expertise | Malware Analysis, TH and Threat Intelligence | Board Advisor
#Passkeys in Microsoft #Authenticator will be generally available in mid-January 2025! With the general availability of passkeys in Microsoft Authenticator, the need to have key restrictions set to use passkeys in Microsoft Authenticator will disappear. So, by mid-January, passkeys will become a fully functional phishing-resistant authentication option equivalent to physical #FIDO2 keys. Attestation is already supported now, and in mid-January the preview phase will disappear and support without key restrictions will come. Conversely, if you don't want to support passkeys in Microsoft Authenticator for some reason, you'll need to implement key restrictions and start actively blocking iOS and Android apps. If you plan to allow users to sign in with passkeys in Microsoft Authenticator, you don't need to do anything and it will be fully functional by mid-January. And if you have conditional access policies that require passkey/FIDO2, users will automatically be prompted to register passkeys in Microsoft Authenticator. Details can be found directly in the Microsoft 365 Message Center https://lnkd.in/e_KcyRHM
MC920300 - Microsoft Entra: Enablement of Passkeys in Authenticator for passkey (FIDO2) organizations with no key restrictions
mc.merill.net
-
Chief Technology and CyberSecurity Officer | Microsoft France ExCo Member | AI Thought Leader | Executive Coach
#Passkeys in Microsoft #Authenticator will be generally available in mid-January 2025! With the general availability of passkeys in Microsoft Authenticator, the need to have key restrictions set to use passkeys in Microsoft Authenticator will disappear. So, by mid-January, passkeys will become a fully functional phishing-resistant authentication option equivalent to physical #FIDO2 keys. Attestation is already supported now, and in mid-January the preview phase will disappear and support without key restrictions will come. Conversely, if you don't want to support passkeys in Microsoft Authenticator for some reason, you'll need to implement key restrictions and start actively blocking iOS and Android apps. If you plan to allow users to sign in with passkeys in Microsoft Authenticator, you don't need to do anything and it will be fully functional by mid-January. And if you have conditional access policies that require passkey/FIDO2, users will automatically be prompted to register passkeys in Microsoft Authenticator. Details can be found directly in the Microsoft 365 Message Center https://lnkd.in/e_KcyRHM
MC920300 - Microsoft Entra: Enablement of Passkeys in Authenticator for passkey (FIDO2) organizations with no key restrictions
mc.merill.net
-
For Dynamics365 users, a heads up that Microsoft has deprecated the Hierarchy Control, most popularly used as a way to visualize Account Hierarchies. You can re-enable it for now, but after April 2025, you will have to come up with another solution (either via a PCF control or other coded solution) to display Account Hierarchies. https://lnkd.in/gas9Pmvm #Dynamics365 #Microsoft #msdyn365
Important changes (deprecations) coming in Power Platform - Power Platform
learn.microsoft.com
-
I help Product Security Teams deliver high performance | AppSec Expert with over 15 yrs of experience | Author of 2 books and Black Hat Trainer | Building the world's best Security Training Platform, @AppSecEngineer
Azure User-Assigned Managed Identity is very convenient. It allows you to define a a single managed identity instance that can be used for multiple resources. I see that this is used very poorly by Azure users for their apps. i.e. They assign very broad scoped managed identities to resources that don't need that level of access. Remember - this is equally bad (if not worse) than using broad scope user access assignment.
