Application Insights does not provide a turn-key ready solution that logs request and response bodies. This article shows how to leverage a custom ASP.NET Core middleware to get that data into Azure Monitor.
This post gives an introduction to OpenID Connect and the concept of identity federation.
This post shows how to use a static inbound or outbound IP together with Azure App Service.
This article shows how an App Service can be configured to consume secrets stored in a Key Vault
In this article I describe how to make use of the Azure REST API to retrieve the creation timestamp of any Azure resource. Unfortunately this info is not available via Portal or CLI.
This article gives an overview of the steps involved in the device authorization flow, which can be used by input constraint devices (clients) like smart TVs.
This article covers the terminology required to understand the OAuth 2.0 & OpenID Connect flows
This article gives an overview of the steps involved in the client credentials flow which is commonly used for server-to-server interactions.
This post talks about the authorization code flow - probably the most common OAuth 2.0 flow type. And also about the PKCE extension, which can be seen as the successor of the implicit grant flow.
OAuth 2.0 & OpenID Connect does have a reputation of being complex. In this series of posts I am documenting my own endevaours to understand this protocol in more depth
When it comes to securing a SQL server there are severeal things we need to think of. One of this things is the protection of our data in transit and/or at rest by using encryption
When I started to dive into the Azure world I found the difference between Service Endpoints and Private Links confusing. In this post I'd like to clear things up a bit and give a quick overview
