Entra External ID Token Enrichment

What is Token Enrichment? Entra External ID token enrichment is a process where additional claims, attributes, or context are added to authentication tokens (ID Token, Access Token or both) during the authentication flow. This enrichment enhances the security token with supplementary information that can be useful for authorization decisions and user context. Common examples include: Customer ID from your CRM system User ID from an external profile store Authorization context from your application Role information from Fine-Grained Authorization systems like OpenFGA The enrichment happens through a REST API call with a fixed contract defined by the Entra ID team. At the end of this post, you’ll find the complete API contract specification. ...

February 3, 2025 · Mateusz Jendza

Entra ID as a Code

Make life easier with Entra ID as Code TL;DR It is the end of 2024; daily, we use the following: CI/CD pipelines for infrastructure as code (IaC) deployment to create Services, Applications, Storages, etc, permissions (RBAC) from resources to resources (App Service WebApp1 should read Blob Storage WebApp1Storage), secrets, we hate them, but we found a solution to avoid secrets with Managed Identity and Workload Identity solutions, What is the plan for us? We will use Azure Portal and Entra ID blade to manage our applications, permissions, and secrets. We can create and update our app registrations via the browser. Can we improve our Entra ID and Entra External ID with IaC, as shown in the screenshot (Picture 1) below? ...

November 28, 2024 · Mateusz Jendza