Capturing a Second Factor Before Full Trust
Capturing a Second Factor Before Full Trust: A Smarter Onboarding Flow. In most traditional account creation flows, users are granted full access right after setting up a username and password.…
Enforcing a Second Factor in Entra ID: How to Secure Users Who Never Had One
If a user isn’t using a second factor, they’re a risk. Many organizations still have…
Inbound versus Outbound SSO
🔐 Inbound SSO (Single Sign-On). Definition: Inbound SSO means users from an external identity provider (IdP) can sign into your application or service using their existing credentials. Your application becomes the…
OAuth – a primer
Understanding OAuth: Client Types, Flows, and Key Concepts. OAuth is the backbone of modern API security, enabling controlled access to resources without sharing user credentials. At its core, OAuth is…
Two OAuth Flows – Public and Private
Public Flow - Through the Browser, Token returned to the browser: Implicit Grant Flow. Private/Confidential Clients (Backend OAuth Flow): Client Credentials Flow. Public clients use different authorization flows, like…
Bearer Tokens Based Authentication
Bearer Tokens can be either OAuth Authorization Code Grant Flow OR Client Credentials Grant Flow. OAuth Authorization Code Grant: While there are a number of different…
Private Key JWT Authentication
Private Key JWT (JSON Web Token) Authentication is a method where a client uses a private key to sign a JWT that authenticates it to a…
WFH and Remote Access Security Risks
Mitigation - Important: multi-factor authentication, automatic session timeouts, and access monitoring. Unauthorized access to devices: Any machine that is capable of connecting to your network should be protected using multi-factor…
Work from Home – Laptop Options
The VDI Option: The simplest and most configurable. The VDI can also be domain joined to either the on-premises Windows Server AD or to an Azure-only AAD domain.…
Domain joining an Azure VDI to a corporate Windows Server AD
Can you domain join an Azure VDI to a corporate Windows AD? Yes. Windows Server Active Directory Domain Services (ADDS) which is synchronized with Azure Active Directory (AAD) using Azure…