Learning by Doing!

Control access to Azure Storage Blobs with Attribute-based Access Control conditions

Let's look at how to configure access to Azure Storage Blobs using Attribute-based Access Control (ABAC) paired with Custom Security Attributes

Posted on January 15, 2022

Last week I published a blog post describing the basics of Custom Security Attributes, and how it can be utilized paired with ABAC. Now I will dive further into this topic and describe how to get a working configuration with ABAC conditions using Custom Security Attributes for Azure Blobs Storage.... [Read More]

Block legacy authentication protocols using Azure AD Conditional Access policy

Let's look at blocking legacy authentication protocols in a global company's Azure AD with full control and ease of mind

Posted on January 13, 2022

I recently worked with a global company to help them tighten the security in their Azure AD tenant, including blocking legacy authentication protocols with Conditional Access policies. Now, blocking legacy authentication isn’t anything new, and there are official Microsoft documentation, guides and blog posts covering this topic, but none the... [Read More]

Getting started with Custom Security Attributes in Azure AD

This blogpost explores the new Custom Security Attributes public preview feature in Azure AD

Posted on January 4, 2022

Azure AD has a schema with common attributes for resources like users, e.g. displayName, userPrincipalName, companyName, department and so on. You can also add custom extension attributes via an Application object to extend the schema. However, these attributes are public for all Azure AD users in the organization and should... [Read More]

Getting started with Custom Extensions in Entitlement Management for Azure AD

Microsoft released a new public preview feature for Azure AD Identity Governance during Ignite this week, namely Custom Extensions for Entitlement Management. Let's dive into what it is and how to use it for identity and access lifecycle management automation.

Posted on November 4, 2021

Custom Extensions really brings a new flavor to Entitlement Management. Let’s first look at what it is. [Read More]

Getting started with Azure AD extension attributes

Learn how to add custom extension attributes to Azure AD objects

Posted on October 16, 2021

If you need to populate values on Azure AD objects like users and groups, but there are no available attributes in the default Azure AD schema fit for the purpose, an easy solution is to add custom extension attributes to an Application object (app registration) and then populate the attributes... [Read More]

Getting started with Microsoft Graph

Let's go from zero to somewhat hero by getting familiar with topics like REST API, JSON, HTTP methods, access tokens, permission scopes, Graph Exporer, Powershell SDK and more in this blogpost series covering Microsoft Graph.

Posted on October 4, 2021

Intended for – but not limited to – IT Pros and developers who are familiar with Powershell or other scripting and code languages, who work with Microsoft cloud services, but still haven’t started to look into Microsoft Graph. The goal of this blogpost series is to understand what Microsoft Graph... [Read More]

My first-ever blog post walks through how to configure automated user provisioning and single-sign-on from Azure AD to SaaS apps, specifically for Workplace from Facebook

Posted on August 28, 2021

Azure AD has many key strengths and features, automated user provisioning and single-sign-on (SSO) capabilities for a number of SaaS apps being two of them. [Read More]

Learning by Doing!

Learning by Doing!

Control access to Azure Storage Blobs with Attribute-based Access Control conditions

Let's look at how to configure access to Azure Storage Blobs using Attribute-based Access Control (ABAC) paired with Custom Security Attributes

Block legacy authentication protocols using Azure AD Conditional Access policy

Let's look at blocking legacy authentication protocols in a global company's Azure AD with full control and ease of mind

Getting started with Custom Security Attributes in Azure AD

This blogpost explores the new Custom Security Attributes public preview feature in Azure AD

Getting started with Custom Extensions in Entitlement Management for Azure AD

Microsoft released a new public preview feature for Azure AD Identity Governance during Ignite this week, namely Custom Extensions for Entitlement Management. Let's dive into what it is and how to use it for identity and access lifecycle management automation.

Getting started with Azure AD extension attributes

Learn how to add custom extension attributes to Azure AD objects

Getting started with Microsoft Graph

Let's go from zero to somewhat hero by getting familiar with topics like REST API, JSON, HTTP methods, access tokens, permission scopes, Graph Exporer, Powershell SDK and more in this blogpost series covering Microsoft Graph.

Getting started with Microsoft Graph - part 2

The second blogpost in the series explains the Microsoft Graph.

Getting started with Microsoft Graph - part 3

The third blogpost in the series explains the Graph Explorer.

Getting started with Microsoft Graph - part 4

The forth blogpost in the series explains the Graph Powershell SDK.

Getting started with Azure AD App Provisioning and single-sign-on

My first-ever blog post walks through how to configure automated user provisioning and single-sign-on from Azure AD to SaaS apps, specifically for Workplace from Facebook