How to setup OpenID Connect Authorization code grant flow using AzureAD?

Views: 5,405

Security in Action 101

Day ago

This video shows the steps to configure AzureAD as the OIDC provider and test the end-to-end flow. #azuread #azureactivedirectory #openid #identity #iam #security #sso

Comments: 22
@securityinaction1018 2 years ago
Please subscribe to this channel for regular updates kzbin.info/door/EEayyyCrJO94FYlzF0NLTg Thank You for the support.
@guardiasofgalaxy 2 months ago
Only video which serves its purpose. All steps worked 100%. Thanks for simple explanation.
@securityinaction1018 2 months ago
Glad it helped!! Please like, subscribe & share this video to support this channel !! Thanks in advance.
@menatmars 1 year ago
Fantastic!!! That was explained in a really simple manner, thank you very much, it helped a lot to understand the flow of open id authentication. Keep up the good work😇👍
@securityinaction1018 1 year ago
Glad it helped! Thank you
@preminfi4887 9 months ago
Awesome video. It is very helpful and easy to understand your explanation. Do you have any plans to add Azure AD as ID provider and GCP as client? Thanks
@securityinaction1018 9 months ago
Thank you! When you say GCP as client, are you referring to Google cloud identity?
@sameeramadushanka834 6 months ago
Thanks for the well-explained demo on the OpenID Connect flow. This is invaluable in understanding what happens in the flow, with the ability to see the data exchanged. Also, a plus for the simple and clear demo setup. I'm trying to authorize using AD groups by setting claims.groups: groups and enabling Azure App group claims, but I'm still not successful. Can you explain that flow?
@securityinaction1018 6 months ago
Glad it was helpful! Are you trying to get the AzureAD groups claim in ID token? Please like, subscribe & share!! Thanks in advance.
@sameeramadushanka834 6 months ago
@securityinaction1018 I managed to get it done with Azure AD groups. There I used claims.groups: roles in Elastic user settings and sAMAccountName Emit groups as role claims options in Azure App registration token configuration.
@securityinaction1018 6 months ago
Are you trying the same scenario with Active Directory groups?
@sameeramadushanka834 5 months ago
@securityinaction1018 I wanted to authenticate the Azure AD group users to Elastic cloud. I managed to figure out the issues and my config is working now.
@ianhokage 4 months ago
Is it possible to request only the id token and additional claims? Will it still require client secret if I only need the id token?
@securityinaction1018 4 months ago
Refer to this: learn.microsoft.com/en-us/entra/identity-platform/v2-oauth2-implicit-grant-flow Implicit flow allows that, but strictly not recommended. In authorization code grant flow, both ID and Access tokens will be returned. As per this doc learn.microsoft.com/en-us/azure/active-directory-b2c/authorization-code-flow, client secret is not mandatory for public apps.
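The reply above says a public app can run the authorization code flow without a client secret; the sketch below is an added example, not code from the video or from any commenter, showing the two requests such an app builds when it uses PKCE (RFC 7636) in place of the secret. The tenant, client ID and redirect URI are placeholders supplied by the caller, and the returned ID token's signature and `nonce` claim still have to be validated after the exchange.

```python
import base64, hashlib, hmac, secrets
from urllib.parse import parse_qs, urlencode, urlparse

# Microsoft identity platform v2.0 endpoints; the tenant value is a placeholder.
AUTHORITY = "https://login.microsoftonline.com/{tenant}/oauth2/v2.0"

def make_pkce_pair():
    """Return (code_verifier, code_challenge) for PKCE method S256 (RFC 7636)."""
    verifier = secrets.token_urlsafe(64)  # 86 characters, inside the 43-128 range
    digest = hashlib.sha256(verifier.encode("ascii")).digest()
    return verifier, base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")

def build_authorize_url(tenant, client_id, redirect_uri, session):
    """Build the browser redirect; state, nonce and verifier stay in the app's session."""
    verifier, challenge = make_pkce_pair()
    session.update(state=secrets.token_urlsafe(16),
                   nonce=secrets.token_urlsafe(16), code_verifier=verifier)
    params = {
        "client_id": client_id,
        "response_type": "code",  # only a code comes back through the browser
        "redirect_uri": redirect_uri,
        "response_mode": "query",
        "scope": "openid profile",
        "state": session["state"],
        "nonce": session["nonce"],  # must equal the nonce claim in the ID token
        "code_challenge": challenge,
        "code_challenge_method": "S256",
    }
    return AUTHORITY.format(tenant=tenant) + "/authorize?" + urlencode(params)

def build_token_request(tenant, client_id, redirect_uri, callback_url, session):
    """Check the callback, then return (token_url, form) for the code exchange."""
    query = parse_qs(urlparse(callback_url).query)
    if "error" in query:
        raise ValueError("authorization failed: " + query["error"][0])
    state = query.get("state", [""])[0]
    if not hmac.compare_digest(state.encode(), session["state"].encode()):
        raise ValueError("state mismatch: callback is not for this session")
    code = query.get("code", [""])[0]
    if not code:
        raise ValueError("callback carries no authorization code")
    form = {  # no client_secret: the code_verifier binds the exchange instead
        "grant_type": "authorization_code",
        "client_id": client_id,
        "code": code,
        "redirect_uri": redirect_uri,
        "code_verifier": session["code_verifier"],
    }
    return AUTHORITY.format(tenant=tenant) + "/token", form
```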
@ianhokage 4 months ago
@securityinaction1018 If I don't need the application to access protected resources in my AAD tenant, do I still need to complete the authorization code flow with access token and client secret? I just need the application to leverage OpenID to authenticate the users. Do you think implicit flow using ID token is enough for my requirement? I want to take a hint in OIDC Playground, they have the OpenID-only mode in their options. Unfortunately, the OpenId-only mode is still not available :( I'm not really good at coding so I don't fully understand how to build an authorization code grant flow. I just need to protect my AAD environment and keep the setup as simple as possible. Not requiring a client secret would help so I don't need to renew these secrets every now and then.
@securityinaction1018 4 months ago
Implicit flow is not recommended since it is not secure. I am not sure which framework you are using for your app. If it is Java, you can refer to this video kzbin.info/www/bejne/i5_ag2COareepdE on how to integrate a Java Spring Boot app with AzureAD using OIDC
@ianhokage 4 months ago
@securityinaction1018 Thank you. Your videos are great by the way!
@securityinaction1018 4 months ago
Thank you. Please like, subscribe & share!! Thanks in advance.
@jayakumar2927 8 months ago
How to implement this in real time?
@securityinaction1018 8 months ago
You can check the videos in this playlist for some of the use cases kzbin.info/aero/PLLFnfBgEq5NJhWHCYH2VvZZMkAe0ZBA-u