Latest articles

In this part we look at how the integration tests made in third part can be run in Azure DevOps

In the fourth part we look at how the integration tests made in the previous part can be run in a GitHub Actions workflow

In the third part we look at how we might build automated integration tests against an Azure AD-protected API

In the second part, we setup application permissions on the API, and see how to test the API using Postman (as a user and as an app)

In the first part in this series, we will look at how to setup Swagger UI so it can be used to test an Azure AD-protected API.

Newly announced at Ignite 2019, Microsoft now offers free certificates to secure your Web applications running on Azure App Service

Sneak peek of what is to come in my presentation at Techorama NL 2019

Microsoft has improved the security of all APIs using Azure AD authentication and it's awesome, but it doesn't mean you can relax

Failing to check for permissions in Azure AD access tokens leads to your API being vulnerable

The dangers of embedding secrets in native applications, and how to implement Azure AD authentication there without secrets