
Cloud Identity Architect

Identity Solutions for the Public and Hybrid Cloud


Capturing a Second Factor Before Full Trust

anuj | May 21, 2025 | Entra ID | No Comment
Capturing a Second Factor Before Full Trust: A Smarter Onboarding Flow. In most traditional account creation flows, users are granted full access right after setting up a username and password.…

Enforcing a Second Factor in Entra ID: How to Secure Users Who Never Had One

anuj | May 21, 2025 | Azure AD | No Comment
If a user isn’t using a second factor, they’re a risk. Many organizations still have…

Inbound versus Outbound SSO

anuj | May 9, 2025 | SSO | No Comment
🔐 Inbound SSO (Single Sign-On). Definition: Inbound SSO means users from an external identity provider (IdP) can sign into your application or service using their existing credentials. Your application becomes the…

OAuth – a primer

anuj | April 25, 2025 | OAuth 2.0
Understanding OAuth: Client Types, Flows, and Key Concepts. OAuth is the backbone of modern API security, enabling controlled access to resources without sharing user credentials. At its core, OAuth is…

Two OAuth Flows – Public and Private

anuj | March 14, 2025 | OAuth 2.0
Public Flow (through the browser, token returned to the browser): Implicit Grant Flow. Private/Confidential Clients (Backend OAuth Flow): Client Credentials Flow. Public clients use different authorization flows, like…

Bearer Tokens Based Authentication

anuj | January 18, 2025 | API Authentication
Bearer Tokens can be either OAuth Authorization Code Grant Flow or Client Credentials Grant Flow. OAuth Authorization Code Grant: While there are a number of different…

Private Key JWT Authentication

anuj | November 13, 2024 | JWT
Private Key JWT (JSON Web Token) Authentication is a method where a client uses a private key to sign a JWT that authenticates it to a…

WFH and Remote Access Security Risks

anuj | October 21, 2024
Mitigation - Important: multi-factor authentication, automatic session timeouts, and access monitoring. Unauthorized access to devices: Any machine that is capable of connecting to your network should be protected using multi-factor…

Work from Home – Laptop Options

anuj | October 21, 2024 | Troubleshooting – network and identity
The VDI Option: The simplest and most configurable. The VDI can also be domain joined to either the on premises Windows Server AD or to an Azure only AAD domain.…

Domain joining an Azure VDI to a corporate Windows Server AD

anuj | October 15, 2024 | Active Directory (On Premises)
Can you domain join an Azure VDI to a corporate Windows AD? Yes. Windows Server Active Directory Domain Services (ADDS) which is synchronized with Azure Active Directory (AAD) using Azure…

Copyright ©2025. Cloud Identity Architect