Posts

Tl;dr Security and privacy are paramount in today’s digital age, especially regarding personal information and interactions. One innovative approach to bolstering security in digital communications, such as phone calls, is using verifiable credentials for authentication. Details Here’s a simplified explanation of how phone call authentication via verifiable credentials works. Imagine you receive a phone call from a service provider, say your customer. Instead of going through the traditional and often tedious method of answering security questions (which could be guessed or obtained by someone else), the authentication process involves a digital handshake using verifiable credentials....

The underwater data centre was a proof of concept 🤖 to test a new possible way/place for servers. Please follow my story. 𝗙𝗼𝗿 𝗺𝗲, 𝘁𝗵𝗶𝘀 𝗶𝘀 𝗮𝗹𝘀𝗼 𝗮 𝗰𝗿𝗶𝘁𝗶𝗰𝗮𝗹 𝗹𝗲𝘀𝘀𝗼𝗻 𝗹𝗲𝗮𝗿𝗻𝗲𝗱: If technology is new to me, I play around with it and then build a proof of concept. The next phase for me is validation - I check the design and proof of concept with business stakeholders, architects and developers....

TL;DR You started your cloud journey with AWS and you need to authenticate your first customers, partners. You don’t want to build your own authentication service - you want to use a managed service. AWS Cognito is a great solution for you. It is easy to start with, cheap, and easy to integrate with the frontend and backend. You can start with a sample solution from AWS and workshop....

TL;DR With Azure AD B2C we can authenticate users via a browser-based feature - we run the OpenID Connect flow in the browser, authenticate the user via the Authorization Code flow, and get the token. But what if we want to stay with the mobile application? On the Desktop application? With Entra External ID we can use the native authentication flow. PS> Native Authentication is in preview mode - it is not for production use!...

Entra External ID for Customers is a new Azure Tenant type that allows you to create digital identities for your customers. Use cases B2B partners. You can create a dedicated customer tenant for your partners and give them access to your applications, manage users and groups in the tenant without partners’ access to your organisation (workforce tenant). Your data is fully secured and isolated. Online services and web shops for your retail....

B2B scenario Protect your applications and services with identity provider service based on the OpenID Connect with Identity Federations. Your solution is a ‘family’ of services and applications in the B2B model. Your partners have their identity provider—modern services like Entra ID, Octa, Auth0, and AWS Cognito. Use cases There will be no more duplicate accounts. You can use the partner identity to authenticate with our services. The email is a unique identifier, along with the password or another authentication method you provide as a partner....

Updated: 30-06-2024 Playground Entra Verified ID Workshop Do you want to try it? Use my GitHub repository to set up your credentials. Entra Verified ID Workshop You can start with my workshop and create a simple flow with Entra Verified ID. All divided into steps with the code and the explanation. Big Picture Verifiable Credentials solve problems for identities in the digital world. What does it mean? Please check the story: You own the national ID card....

TL;DR Authentication or authorization? What is the term I need to use with my current scope of work? Do I need to authenticate the user or authorize it? Ok! I need to authenticate the user and then authorize (or the opposite). Dictionary: Authentication - is the process of verifying the identity of a user. How can we do it? As a basic scenario, when only one person knows the combination of login and password, we need to check if the combination is correct to authenticate the user....

TL;DR Please stop using passwords. My stack is based on Yubikey and 1Password. Can I be a passwordless team member? Check my journey and answer the question. I improved my security with the following steps: Entra ID accounts without password, extended security on GitHub with GPG key, moved the SSH keys to 1Password, started using 1Password CLI to access secrets for ServicePrincipals. Big Picture Yubikey I started my journey with Blue Yubikey....

TL;DR You decided to build a web application in Azure - great! The solution contains App Service, CosmosDB, Blob Storage or other resouces. You started with really simple solution, but as IT Pro you decided to build three environments: Development, Test, and Production. You also decided to use Azure API Management to manage your APIs. You are aware of the security risks and you want to protect your resources. Please fallow my suggestion to use Azure FrontDoor and API Management to protect your resources....