Debugging access issues when using Managed Identities can be difficult, so here is a trick to getting an access token to inspect token contents or test access outside the app

Exploring the new, standard way of granting access to Key Vault through Azure RBAC instead of access policies

Updated look at the current state of the Azure Active Directory v2 endpoint and the Microsoft Authentication Library

How to configure and use the combination of Azure Storage and Azure Key Vault for data protection in ASP.NET Core with the new Azure integration packages

Newly announced at Ignite 2019, Microsoft now offers free certificates to secure your Web applications running on Azure App Service

Microsoft has improved the security of all APIs using Azure AD authentication and it's awesome, but it doesn't mean you can relax

Failing to check for permissions in Azure AD access tokens leads to your API being vulnerable

The dangers of embedding secrets in native applications, and how to implement Azure AD authentication there without secrets

Goes through methods of storing secrets in a way where they cannot end up in the shared code repository

Some things to watch out for in your multi-tenant Azure AD applications that support a limited number of tenants