Cloud Identity Architect

Identity Solutions for the Public and Hybrid Cloud

OAuth – a primer

anuj | April 25, 2025 | OAuth 2.0
Understanding OAuth: Client Types, Flows, and Key Concepts OAuth is the backbone of modern API security, enabling controlled access to resources without sharing user credentials. At its core, OAuth is…

Two OAuth Flows – Public and Private

anuj | March 14, 2025 | OAuth 2.0
Public Flow - Through the Browser, Token returned to the browser. Implicit Grant Flow Private/Confidential Clients (Backend OAuth Flow), Client Credentials Flow Public clients use different authorization flows, like…

Bearer Tokens Based Authentication

anuj | January 18, 2025 | API Authentication
Bearer Tokens Based Authentication Bearer Tokens can be either OAuth Authorization Code Grant Flow OR Client Credentials Grant Flow OAuth Authorization Code Grant While there are a number of different…

Private Key JWT Authentication

anuj | November 13, 2024 | JWT
Private Key JWT Authentication Private Key JWT (JSON Web Token) Authentication is a method where a client uses a private key to sign a JWT that authenticates it to a…

WFH and Remote Access Security Risks

anuj | October 21, 2024
Mitigation - Important multi-factor authentication automatic session timeouts and access monitoring Unauthorized access to devices Any machine that is capable of connecting to your network should be protected using multi-factor…

Work from Home – Laptop Options

anuj | October 21, 2024 | Troubleshooting - network and identity
The VDI Option The simplest and most configurable. The VDI can also be domain joined to either the on premises Windows Server AD or to an Azure only AAD domain.…

Domain joining an Azure VDI to a corporate Windows Server AD

anuj | October 15, 2024 | Active Directory (On Premises)
Can you domain join an Azure VDI to a corporate Windows AD? Yes. Windows Server Active Directory Domain Services (ADDS) which is synchronized with Azure Active Directory (AAD) using Azure…

Can you SSO into an API?

anuj | October 7, 2024 | SSO
Yes - SSO to an API is possible using one of the following tools API Manager Supports SAML-based SSO, which allows users to log in to API Manager and other…

API authentication and OAuth

anuj | October 7, 2024 | OAuth 2.0
OAuth for API Authentication - Some Security Checks Limit SCOPE of OAuth token to READONLY Limit The duration - expiration of the Token to a short lived token Restrict the…

Microsoft Intune Device Management

anuj | October 1, 2024 | Active Directory (On Premises)
Microsoft Intune and Azure Active Directory (Azure AD) are both services that help manage devices and users in an organization, but they have different functions: Azure AD A universal identity…
Copyright ©2026. Cloud Identity Architect