The API Call is Coming from Inside the House!
Securing applications with the Microsoft identity platform.
It's the middle of the night when there is a bump in the logs. Something is trying to get in. Your palms start to sweat as your mind races. How was that last microservice secured? Was it a home grown JWT implementation? Maybe some sample code from Stack Overflow? When were the latest patches supposed to be applied anyways?
Let's join together to lock all the doors and board up the windows. We'll invoke the almost mystical powers of the Microsoft identity platform to secure our applications. We'll dive into the sea of confusing nomenclature and the alphabet soup of acronyms to make sense of the common flows of modern authentication. Let's explore how to apply these concepts to a variety of different types of applications and APIs.
It's going to be a dark and stormy night and we need to be ready. Now, let's all split up and find that intruder!