How to setup OpenID Connect Authorization code grant flow using AzureAD?


This video shows the steps to configure AzureAD as the OIDC provider and test the end-to-end flow. #azuread #azureactivedirectory #openid #identity #iam #security #sso

Comments: 22

  • @securityinaction1018
    1 year ago

    Please subscribe to this channel for regular updates kzread.info/dron/EEayyyCrJO94FYlzF0NLTg.html Thank You for the support.

  • @DhavalCharadva-m9s
    9 days ago

    Only video which serves its purpose. All steps worked 100%. Thanks for simple explanation.

  • @securityinaction1018
    9 days ago

    Glad it helped!! Please like, subscribe & share this video to support this channel !! Thanks in advance.

  • @menatmars
    1 year ago

    Fantastic!!! That was explained in a really simple manner, thank you very much, it helped a lot to understand the flow of open id authentication. Keep up the good work😇👍

  • @securityinaction1018
    1 year ago

    Glad it helped! Thank you

  • @sameeramadushanka834
    3 months ago

    Thanks for the well-explained demo on the OpenID Connect flow. This is invaluable in understanding what happens in the flow, with the ability to see the data exchanged. Also, a plus for the simple and clear demo setup. I'm trying to authorize using AD groups by setting claims.groups: groups and enabling Azure App group claims, but I'm still not successful. Can you explain that flow?

  • @securityinaction1018
    3 months ago

    Glad it was helpful! Are you trying to get the AzureAD groups claim in ID token? Please like, subscribe & share!! Thanks in advance.

  • @sameeramadushanka834
    3 months ago

    @securityinaction1018 I managed to get it done with Azure AD groups. There I used claims.groups: roles in Elastic user settings and sAMAccountName Emit groups as role claims options in Azure App registration token configuration.

  • @securityinaction1018
    3 months ago

    Are you trying the same scenario with Active Directory groups?

  • @sameeramadushanka834
    3 months ago

    @securityinaction1018 I wanted to authenticate the Azure AD group users to Elastic cloud. I managed to figure out the issues and my config is working now.

  • @preminfi4887
    6 months ago

    Awesome video. It is very helpful and easy to understand your explanation. Do you have any plans to add Azure AD as ID provider and GCP as client? Thanks

  • @securityinaction1018
    6 months ago

    Thank you! When you say GCP as client, are you referring to Google cloud identity?

  • @ianhokage
    1 month ago

    Is it possible to request only the ID token and additional claims? Will it still require a client secret if I only need the ID token?

  • @securityinaction1018
    1 month ago

    Refer to this: learn.microsoft.com/en-us/entra/identity-platform/v2-oauth2-implicit-grant-flow Implicit flow allows that, but is strictly not recommended. In authorization code grant flow, both ID and Access tokens will be returned. As per this doc learn.microsoft.com/en-us/azure/active-directory-b2c/authorization-code-flow, client secret is not mandatory for public apps.

  • @ianhokage
    1 month ago

    @securityinaction1018 If I don't need the application to access protected resources in my AAD tenant, do I still need to complete the authorization code flow with access token and client secret? I just need the application to leverage OpenID to authenticate the users. Do you think implicit flow using ID token is enough for my requirement? I want to take a hint in OIDC Playground, they have the OpenID-only mode in their options. Unfortunately, the OpenId-only mode is still not available :( I'm not really good at coding so I don't fully understand how to build an authorization code grant flow. I just need to protect my AAD environment and keep the setup as simple as possible. Not requiring a client secret would help so I don't need to renew these secrets every now and then.

  • @securityinaction1018
    1 month ago

    Implicit flow is not recommended since it is not secure. I am not sure which framework you are using for your app. If it is Java, you can refer to this video kzread.info/dash/bejne/h6KrtI-RZbXRn9I.html on how to integrate a Java Spring Boot app with AzureAD using OIDC

  • @ianhokage
    1 month ago

    @securityinaction1018 Thank you. Your videos are great by the way!

  • @securityinaction1018
    1 month ago

    Thank you. Please like, subscribe & share!! Thanks in advance.

  • @jayakumar2927
    5 months ago

    How to implement in real time?

  • @securityinaction1018
    5 months ago

    You can check the videos in this playlist for some of the use cases kzread.info/head/PLLFnfBgEq5NJhWHCYH2VvZZMkAe0ZBA-u
