Azure trainings!
Infused with experience from the field, brought with lots of passion!

Securely distributing client secrets within the organization

Securely distributing client secrets within the organization

The weakest link in security is the human element.  This statement gets regularly confirmed, when we are setting up OAuth2 or Open ID Connect at a customer.  This blog explains the security issue and how you can overcome it with some very little effort. The problem In...
Enforce basic authentication in Azure API Management

Enforce basic authentication in Azure API Management

When connecting with legacy systems, Basic Authentication is often the only supported security scheme that is available.  Azure API Management has an out-of-the-box policy that implements Basic Authentication between API Management and the backend API (backdoor). ...
New workflow expressions for Logic Apps triggers!

New workflow expressions for Logic Apps triggers!

Today, Mötz Jensen, informed me on Twitter about the ability to access the Logic Apps correlation id (client-tracking-id) at runtime.  After some investigation, it turns out that there are some new (but undocumented?) properties available on the trigger() object:...
Role-based access control in Logic Apps

Role-based access control in Logic Apps

Since recently, Logic Apps has the ability to configure OAuth2 authorization on the HTTP trigger.  You can define authorization policies, that perform basic validations on the claims inside the incoming Bearer token. Role-based access control When securing API...