Exploring App Service Authentication on Linux

A while ago, it was announced that App Service on Linux had gained the ability to use Authentication / Authorization as well. Originally, I wanted to publish this article earlier, but I only got to finish it just now. This article walks you through how Authentication / Authorization works in App Service on Linux and might give you a few hints on how to make more use of it.


Forcing reauthentication with Azure AD

While working on a project, I stumbled upon an interesting issue – how do you force the user to reauthenticate in an application, for example when accessing some sensitive information? While it may seem quite straightforward from the Azure AD documentation, it is not that simple, and if you are using prompt=login to reauthenticate the user, I strongly suggest you read on.


To single sign out or not to?

When building a Line Of Business (LOB) application, you are usually better off integrating with the customer’s current Identity Provider (IdP), which could be ADFS, Azure AD or some other. The benefits are clear – users use a single account for all the services, authenticate through a central point, can be better protected by conditional access policies and, as a great benefit, you can leverage the existing data, through Microsoft Graph for example. So while it is obvious why you would use Single Sign On in your application, a somewhat less discussed topic is Single Sign Out (SLO).
