In a previous post, Adventures with Dataverse: Migrating Microsoft SQL Server Tables to Dataverse Tables – Matt Ruma, I walked through migrating a SQL Database to Microsoft Dataverse. In this post, I want to look at adding security roles to control access to the Dataverse entities. The first security role I will create is for…
Category: Security
Adventures with Power Platform: Security Role Got Me Again! Ugh!
As I was “sharpening my saw” with deploying Power Platform solutions from one environment to another I ran into a “gotcha” that took a couple of days to resolve! Ugh! Let me set the stage. In my Dev environment I have a solution that contains the following: The Sample 1 Item List cloud flows consists…
Adventures with Power Apps: Create a Custom Connector for an API Hosted in Azure APIM Secured with Azure AD
I have an API hosted in Azure APIM with a jwt-policy that validates against Azure AD, boy, that was a mouthful! My jwt-policy is located in the All Operations for my API. I created an app registration for my API. I gave it a more “friendly” Application ID URL and exposed an API in the…
Adventures with Azure: Doh! Built-in App Service Identity Provider Not Working!
In adding the built-in Authentication support to an Azure App Service, I ran into a challenge where I kept getting a 401 Status Code whenever I called an API endpoint. The first thing after setting up Azure Active Directory as my Identity Provider, I used Postman to call the oauth2 token endpoint to get a…
Adventures with Blazor: Accessing Claims in a Razor Page
With Blazor Web Assembly officially released I decided to take one of my side projects and write the front end in Blazor. I was able to wire up Azure AD B2C for authentication. What I wanted to do next was to take a look at the Claims that were available, I knew how to do…
Adventures with Azure: Where is My Service Principal?
When working with the Azure Portal, sometimes the simple tasks can seem difficult to accomplish. In a recent project I needed to wire up an Azure Key Vault task to retrieve secrets for a deployment in Azure DevOps. In order for the deployment to be able to retrieve the Azure Key Vault secrets the…
Adventures with Azure AD B2C: Customizing Sign In and Sign Up UI
Lately I have been working a lot with Azure AD B2C. One of my most recent requests was to customize the Sign In and Sign Up pages. If my memory was serving me correctly, which is often not the case, I thought this was possible, just didn’t know what challenges or issues I was going…
Adventures with Azure AD: Group Overage Claim … To Many Security Groups
In a previous article, Adventures with Azure AD: Group Overage Claim, I talked about how to handle, in an ASP.NET MVC Core application, the group overage claim that is sometimes returned in the claims for an authenticated user. I had a customer contact me saying that the code I provided them was not working as…
Adventures with Azure AD: Group Overage Claim
I have an ASP.NET Core 2.2 Web App. My app authenticates users with OpenIdConnect against Azure Active Directory. I want to use the Security Groups of the authenticated user for role authorization inside my app. To do this, I needed to set up my App Registration in Azure AD to return the Security Groups as claims….
Adventures with Azure AD: Authorizing based on Security Groups
The repository https://github.com/mattruma/SampleAzureADAuthentication has a couple of sample ASP.NET MVC Core 2.2 applications demonstrating how to authenticate a user against Azure AD and authorize a user based on Security Groups in Azure AD. The first example uses a custom IAuthorizationFilter to look at the groups in principal claims. The second example uses a custom…