How to offload cryptographic operations to Azure Key Vault such that your application never has to handle the private keys.

The new isolated process model for .NET Azure Functions allows usage of middleware, which we can use to implement authentication and authorization

Debugging access issues when using Managed Identities can be difficult, so here is a trick to getting an access token to inspect token contents or test access outside the app

Exploring the new, standard way of granting access to Key Vault through Azure RBAC instead of access policies

Updated look at the current state of the Azure Active Directory v2 endpoint and the Microsoft Authentication Library

How to configure and use the combination of Azure Storage and Azure Key Vault for data protection in ASP.NET Core with the new Azure integration packages

Newly announced at Ignite 2019, Microsoft now offers free certificates to secure your Web applications running on Azure App Service

Microsoft has improved the security of all APIs using Azure AD authentication and it's awesome, but it doesn't mean you can relax

Failing to check for permissions in Azure AD access tokens leads to your API being vulnerable

The dangers of embedding secrets in native applications, and how to implement Azure AD authentication there without secrets