Part 1: Zero-trust CA design: how to keep the gates closed?
Previous blog in this series: Guide for Zero-Trust Conditional Access design – Part 0: how to document? – The Entra Guy

A lot of examples for conditional access design start from the premise “given this set of conditions, how can I make sure that security controls X & Y are enforced?” For example: “If our Read more
-

Guide for Zero-Trust Conditional Access design – Part 0: how to document?
Microsoft Entra Conditional Access is increasingly becoming the cornerstone of access control and security in the Microsoft cloud and in any application that is integrated with it. This series of blog posts assumes that you have a basic understanding of what Conditional Access is and how it works; if not, there is plenty of Read more
-

Modern Authentication with Azure AD (a deep dive)
Over a year ago, in the middle of the Corona epidemic, I recorded a 2-part webinar on Azure Active Directory authentication protocols such as OpenID Connect and OAuth 2.0 (and briefly about SAML too). In these webinars, I dive into the authentication protocols and schemes, such as Authorization Code grant, device code, implicit grant, client-credentials grant, Read more
-

Microsoft’s Partner Access model … from a customer’s perspective
Microsoft’s new partner access model is based on GDAP: GDAP or ‘Granular Delegated Admin Privileges’ is a relatively new feature, well-known in the Microsoft Cloud Service Provider and Partner world, but it is often less known to customers, although they are most impacted by this. In this blog, we will dive into this Read more
-
Who am I?
My name is Raf Cox. I have worked 16 years as a security consultant at Microsoft, I have founded 2 security companies and am still working at the 2nd one: SecWise! Currently, I’m focusing completely on the Microsoft Cloud Security stack and especially on Microsoft Entra. Having worked at several large international organizations such as the European Commission Read more