.NET Core Identity Server 4 Authentication VS Identity Authentication

I'm trying to understand the proper way to do authentication in ASP.NET Core. I've looked at several Resource (Most of which are out...

Getting exception suddenly from entityframework

I get this exception from time to time : The 'Email' property on 'User' could not be set to a 'System.Int64' value. You must set this property to a non-null value of type 'System.String'. Method...

Overriding OnTokenValidated JwtBearerEvents with Custom function .NET Core 2

In my API project I am handling authentication with JwtBearer (users login using Azure). When the API is called the token is being validated with the defined Azure instance and this all works...

Keycloak identity brokering (to Azure AD) blocked by corporate proxy on authorization_code exchange

I have AzureAD as external OIDC provider registered at Keycloak. Keycloak redirects client authorization requests to AzureAD for providing the authorization. Keycloak is running on my workstation...

Azure ARM Template Keyvault Resources keeps removing other access policies

I created an ARM template to deploy an Azure WebApp that is using Managed Service Identity authentication with KeyVault for secrets. So the ARM template creates the WebApp resource and enables...

IIdentity when running a containerized application?

So I'm relatively new to containers in the cloud. I've done some proof of concepting with Azure Container Instances (example : https://xpirit.com/2017/11/12/containers-as-a-service-in-azure/), and...

Fetching access token for keyvault

I have published a web app locally and hooked it up to IIS. When I try to navigate to the site it fails at startup with the following error when trying to access the keyvault: Application startup...

Access Azure Table Storage with Azure MSI

I recently setup my .net core application to use MSI (Managed Identity) to communicate with Azure Blob. Does MSI work with Azure Table Storage? Can't seem to find any documentation on it. I am...

App service to app service auth in Azure using Managed Identity

I have set up two App Services in Azure. 'Parent' and 'Child', both expose API endpoints. Child has endpoint 'Get'. Parent has endpoints 'Get' and 'GetChild' (which calls 'Get' on Child using...

How to access Azure Key Vault (AKV) from Azure Kubernetes Service (AKS) using Managed Identities

We have some dotnet Core App Services running on Azure and using Azure key Vault with Managed Identities. Planning to deploy these dotnet core services to azure kubernetes but I haven't found any...

AzureServiceTokenProviderException using key vault

I don't know what is wrong, anyone got any ideas? I just followed this tutorial: https://docs.microsoft.com/da-dk/azure/key-vault/vs-key-vault-add-connected-service#feedback This error only...

Docker fails to pull the image from within Azure App Service

The Container Setting on the App Service it self look solid: But the log pane shows errors: 2020-02-11 06:31:40.621 ERROR - Image pull failed: Verify docker image configuration and credentials...

SQL Azure connection error with User Assigned Managed Identity 'Login failed for user'

I have a function app that is assigned a user assigned managed identity, and it uses that to connect to the SQL database. This was working fine for a few days, but then suddenly stopped working,...

Azure service principal vs managed identity vs (enterprise) application

I want to create some kind of service account that I use as an identity for the application like a web app. I also want to use the credentials of this identity on-premises for local testing. How...

Net core Key vault configuration using Azure.Security.KeyVault.Secrets

I have found out it is easy to connect to Azure KeyVault using Managed Identity. The documentation shows how to do it : var azureServiceTokenProvider = new...

DefaultAzureCredential().GetTokenAsync fails when using custom scope when running in Azure

I'm trying to get service-to-service authentication working in Azure AD. I have it working when the two services (webapps) are running locally against an Azure AD app registration. But when the...

Data Ingestion Patterns in Data Factory using REST API

I am reaching out to you gather best practices around ingestion of data from various possible API's into a Blob Storage. I am considering to interface with all the various possible API's using...

IDW10201: Neither scope or roles claim was found in the bearer token

I have a ASP.NET Core 3.1 project like this sample: Sign-in a user with the Microsoft Identity Platform in a WPF Desktop application and call an ASP.NET Core Web API. I'm using Identity web...

AKS AGIC Application Gateway Ingress Controller Not Deploying

I created a new cluster, created an application gateway and then installed AGIC per the tutorial. I then configured the ingress controller with the following config: # This file contains the...

Impersonate Azure Service Principal from a Google Service Account

I'd like to obtain temporary credentials for an Azure Service Principal (SP) using a Google Service Account JWT token. This is needed for calling Azure APIs from a GKE workload, without having to...

Azure AD v2 roles not included in Access Token

I'm using https://login.microsoftonline.com/.../oauth2/v2.0/token to authenticate (authorization_code grant) to azure Ad using the scopes: offline_access, openid, profile, User.Read According to...

Service principal (SPN) usage in SDK for java, to access azure storage

I am new to the Azure SDK for Java. So far I could not find a solution on how to: either: use SPN credentials directly or: use SPN to create a SAS to access Azure Storage (blob). The...

How to get Role definition Id of an custom role in ARM template?

I am currently creating an ARM template for an azure custom role and managed Identity. I can successfully create a custom role and managed Identity.Now I want to assign that custom role to that...

Allow passing id_token instead of Access Token to api

I have an older webapp that has implict flow I need to continue to support. I tried to use Microsoft.Identity.Web 1.9.0.0 but it does not allow me to use id_token it requires only access token in...

How authorization code flow works in single page applications?

Hi I am exploring some of the authentication and authorization flows with respect to azure active directory. I was using previously oath implicit flow in single page application. After spending...

Connect to SharePoint via Graph, Sites.Selected and Managed Identity

I am testing the new "Sites.Selected" Permission in MS Graph and wanted to combine it with managed Identity to connect to SharePoint Online. I've read on some blogs that the new permission won't...

ARM Template - auto approval of managed private endpoint

I am developing an ARM template for Azure Data Factory with managed private endpoints to SQL Server and Azure Datalake. However, when the ARM template completes execution, the managed private...

Spring Batch: Could not increment identity; nested exception is com.microsoft.sqlserver.jdbc.SQLServerException: Invalid object name 'BATCH_JOB_SEQ'?

We are in the process of moving to Azure SQL Server from Oracle DB for our Spring Batch application. I am getting the following error while trying to execute the job post migration to SQL...

IDX21323: RequireNonce is '[PII is hidden]'. OpenIdConnectProtocolValidationContext.Nonce was null

I know there are several threads on the same but none of the solution works for me, is there any solution. The strange thing is when I run the application in IE it works where as in Edge I got...

App Service Managed Identity and Key Vault the right way

I am currently trying to deploy out a resource group using azure bicep, however, I am running into an issue using key vault for my azure app service. I would like to know if I am actually doing...