Azure Active Directory Workload Identity Federation with external OIDC IdP
Рет қаралды 3,463
Күн бұрынIn this video, we experiment with the Azure Active Directory Workload Identity Federation using external OpenID Connect identity provider (OIDC IdP) including our own fake JWT token, another AAD tenant, Auth0, and GCP. As of February 2022, AAD Workload Identity Federation is in "preview". We use Azure Portal to create "federatedIdentityCredential" for Azure AD application registration and use Postman to invoke various OAuth2 endpoints and discuss various error messages and responses.
/ azure-active-directory...
00:00 Introduction
02:05 Create AAD application
04:00 Fake JWT token
10:30 Another AAD tenant as IdP is not supported
13:55 Auth0 as IdP
20:18 GCP as IdP
25:28 List Azure Resource Groups via ARM API
27:00 Another fake JWT token
@mystiqkc Ай бұрын
Excellent video!
@tubebha 2 жыл бұрын
Thanks Arsen for such a wonderful explanation, especially the approach of step-by-step evolution of the concepts. I am really a big fan of approach that shows the error and then what those error means and then the right approach to solve that error scenario. A big thumbs-up and a big thanks to you.
@ArsenVlad 2 жыл бұрын
Thank you Arvind!
@Philip-Fourie 9 ай бұрын
@Arsen, I totally agree with @tubebha. Thanks for making this video, I really enjoyed it.
@akashkarve1991 Жыл бұрын
I really like this video. Simple explanation with demo of complex topic. Keep it up Arsen.
@ArsenVlad Жыл бұрын
Thank you Aakash!
@sanppatil Жыл бұрын
Wow, You simplified this stuff with so much clarity. Love this video.
@ArsenVlad Жыл бұрын
Thank you Sandip! Glad you found it useful.
@user-kd4lr5oi9e Жыл бұрын
Hi, I liked your video. I have a question.. If I am using external Idp and my client(or client-id) is kubernetes.local (AKS cluster) , then how I can configure it? Thanks.
@gurusworld8226 11 ай бұрын
Good one, you save my time, I was struggling to make a configuration. I can visualize how much effort you put into this. Thanks for sharing us. I am trying to authenticate external oauth token which is also hosted in Azure but in a different Tenant, could you help me to Authenticate that. I am getting below error. "AADSTS700222: AAD-issued tokens may not be used for federated identity flows.
@ArsenVlad 11 ай бұрын
Thank you! Glad this was helpful for you. I mentioned about 10:30 min into the video that using another AAD tenant as the IdP is not currently supported.
John Savill's Technical Training
Рет қаралды 12 М.
John Craddock Identity and Access Training
Рет қаралды 1 М.
Arsen Vladimirskiy
Рет қаралды 2,8 М.
CNCF [Cloud Native Computing Foundation]
Рет қаралды 1,7 М.
John Savill's Technical Training
Рет қаралды 214 М.
DevOps w/ George
Рет қаралды 6 М.
Google Cloud Tech
Рет қаралды 11 М.
Adam Marczak - Azure for Everyone
Рет қаралды 142 М.
Cloudy Security with a chance of an attack
Рет қаралды 263