Getting the group claims when authenticating with Azure Active Directory

I started working on some internal web applications for a customer. For these types of applications, it makes a lot of sense to use Azure Active Directory to authenticate users and use their AAD groups/roles to authorize them on specific pages. I wanted to authorize users by the AAD groups they are placed in. Some users can access Production data, while others are only allowed to access data from the Test environment, all based on the groups they are in. Read more →

Installing ASP.NET Core preview and beta to your App Service

A couple of weeks ago I was busy creating some proof of concept applications using Blazor, which was still labeled preview at the time. To get all of this deployed and working in an Azure App Service, I needed the preview .NET Core runtime installed. An App Service is a PaaS offering, which means you don’t have any influence on what version of the software gets installed on the underlying system. Read more →

Tune your Terminal with a PowerShell profile

With the new Windows Terminal available I’ve been searching on how to upgrade my console experience. I see a lot of people improving their terminal to show important information, like which Git branch you are working on, which Azure subscription, the actual location on disk, etc. A couple of months ago I came across Brad Wilson his post on the matter and I like the way his terminal looks. His post, is rather straightforward, but there was some information missing. Read more →

My notes for passing the AZ-300 and AZ-301 exams

A couple of weeks ago I’ve passed both the AZ-300 and AZ-301 exams. You’re required to pass both of these exams in to get the Azure Solutions Architect Expert certification. After posting a tweet I got a lot of responses asking if I had any pointers on what to learn. Instead of responding to each person individually it makes more sense to share what I’ve used to study and hopefully it’s helpful to others also. Read more →

How to search for users inside your Azure Active Directory (AAD)

If you’ve read my earlier post on authentication of actions invoked in a Microsoft Teams MessageCard, you’ve probably seen the only useful information we get in the user’s token is the Object Id (oid). { "iat": 1560799130, "ver": "STI.ExternalAccessToken.V1", "appid": "48afc8dc-f6d2-4c5f-bca7-069acd9cc086", "sub": "bc6c3ca0-5acd-4cd4-b54c-f9c83925e7e3", "appidacr": "2", "acr": "0", "tid": "4b1fa0f3-862b-4951-a3a8-df1c72935c79", "oid": "b26c3c10-5fad-4cd3-b54c-f9283922e7e2", "iss": "https://substrate.office.com/sts/", "aud": "https://serverlessdevops.azurewebsites.net", "exp": 1560800030, "nbf": 1560799130 } While this is nice, it doesn’t really tell us much. Read more →