Deep Dive with Entra External ID

Tl;dr I will show you typical CIAM challenges, scenarios, diagrams, and links to the repositories with the implementation of the new Azure Service—Entra External ID for Customers (CIAM). Big Picture Link to bigger picture. Introduction Entra External ID for Customers is a new Azure Tenant type that allows you to create digital identities for your customers. It is a separate tenant type, not connected with your organisation’s tenant. I want to show you typical CIAM challenges with the diagram (big picture)....

October 1, 2024 · Mateusz Jendza

Phone Call Authentication via Verifiable Credentials

Tl;dr Security and privacy are paramount in today’s digital age, especially regarding personal information and interactions. One innovative approach to bolstering security in digital communications, such as phone calls, is using verifiable credentials for authentication. Details Here’s a simplified explanation of how phone call authentication via verifiable credentials works. Imagine you receive a phone call from a service provider, say your customer. Instead of going through the traditional and often tedious method of answering security questions (which could be guessed or obtained by someone else), the authentication process involves a digital handshake using verifiable credentials....

July 8, 2024 · Mateusz Jendza

CIAM with AWS Cognito

TL;DR You started your cloud journey with AWS and you need to authenticate your first customers, partners. You don’t want to build your own authentication service - you want to use a managed service. AWS Cognito is a great solution for you. It is easy to start with, cheap, and easy to integrate with the frontend and backend. You can start with a sample solution from AWS and workshop....

June 9, 2024 · Mateusz Jendza

Entra External ID for Customers - Native Authentication part 1

TL;DR With Azure AD B2C we can authenticate users via a browser-based feature - we run the OpenID Connect flow in the browser, authenticate the user via the Authorization Code flow, and get the token. But what if we want to stay with the mobile application? On the Desktop application? With Entra External ID we can use the native authentication flow. PS> Native Authentication is in preview mode - it is not for production use!...

June 2, 2024 · Mateusz Jendza