Best videos regarding MS 365 in youtube. God bless man.
It was really informative video. Thank you for sharing this with us
Great content. One thing to add: after adding a secret, it can only be copied until that page is refreshed. Once refreshed, there is no way to obtain the secret. Also, it would be good to know in depth the difference between App registration and Enterprise application registration. Still, this is some of the best content I have seen about Microsoft Azure. Thank you (::)
Good going... luckily needed the user data via Graph as well .. thanks
Very well explained
Great content like always
Great explanation. Thanks 😊
Thanks for watching!
Great content, brother. Thank you.
I understand OAuth is an authorization protocol where OIDC is an authentication protocol. How do we differentiate OAuth and OIDC with respect to configuration.
thank you so much for the video.
You did a great job explaining. I have a few questions since I am building a SaaS B2B app:
1. How can I restrict tenants?
2. If one of the client orgs is not on AAD, how do I set up authentication?
When you are talking about the restrictions, can you tell us, if you want a restriction, where your application cannot be added to some other tenant ??
Hello, Thank you for covering this. I would like to know how can I add a windows AD group into a custom claim on Azure AD? I am looking to use AD groups for applications running on a platform that uses role-claims or custom claims to enable applications to have access groups or AD groups separately.
Now how to decide what should be the URI you mentioned in the first console?
Please Make a Video for New application registration in Azure Active directory using SAML/Please post the video link you have made it already.
Hey - it would be great if you could link the previous video in the description, as I came to this video through Google and can't find the last video you've been referring to in this post.
Hi, Video was great!! please create video which says the difference between OAUTH 2.0 and OpenID connect protocol... Thank you
Hi Pallavi, there is a playlist already for that - ruclips.net/video/Xa2LqLKnnoM/видео.html&ab_channel=ConceptsWork
Can we create alerts for automation account certificate expiry by using the app registration service?
Great video. I need to create a sendtoEmail for a printing domain that uses the Microsoft OAuth 2.0 protocol for authentication/authorization.
I guess we can use specific scopes for validating the Microsoft-provided SMTP servers that are used to send emails.
Can we have multiple applications point to a single "registered application" in AD? Based on different application can redirect URL change?
SCCM registration should be there to sync cloud collection to Azure AD.
Would like to understand in more depth how we add a custom claim in the preregistration ID_Token, like if I want to add UPN, how it can be done.
For sure will add that in our next post.
Thanks for such an amazing and detailed playlist on Azure AD. (y)
I have a small doubt. We have a lot of apps registered in our tenant, and for some of the apps we don't even know who owns them. Is there a way we can find whether an app is still being used through some logs?
For each application you can use sign-in logs; use Microsoft Graph to query the data.
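The approach in the reply above, sketched as an added example that is not from the video or from anyone in this thread: group sign-in records by appId and report each registration's most recent sign-in. The function name Get-AppSignInStatus, the 14-day threshold and the sample records are assumptions made for illustration; the records are constructed to mirror the appId, displayName and createdDateTime fields that Microsoft Graph returns.

```powershell
# Added example: classify app registrations by their most recent sign-in.
# Get-AppSignInStatus is a hypothetical helper name, not a Microsoft cmdlet.
function Get-AppSignInStatus {
    param(
        [Parameter(Mandatory)] [object[]] $Apps,        # objects with appId, displayName
        [Parameter(Mandatory)] [AllowEmptyCollection()] [object[]] $SignIns,  # appId, createdDateTime
        [int] $StaleAfterDays = 14,                      # assumed threshold; keep it inside log retention
        [datetime] $Now = (Get-Date)
    )
    # Most recent sign-in per appId, normalised to UTC
    $last = @{}
    foreach ($s in $SignIns) {
        $t = ([datetime]$s.createdDateTime).ToUniversalTime()
        if (-not $last.ContainsKey($s.appId) -or $t -gt $last[$s.appId]) { $last[$s.appId] = $t }
    }
    $cutoff = $Now.ToUniversalTime().AddDays(-$StaleAfterDays)
    foreach ($a in $Apps) {
        $seen = $last[$a.appId]                          # $null when the log has no entry
        if ($null -eq $seen)       { $status = 'no sign-in in the log' }
        elseif ($seen -lt $cutoff) { $status = 'stale' }
        else                       { $status = 'active' }
        [pscustomobject]@{ DisplayName = $a.displayName; AppId = $a.appId
                           LastSignIn = $seen; Status = $status }
    }
}

# Constructed sample data (placeholder GUIDs and names), so the block runs offline.
$Apps = @(
    [pscustomobject]@{ appId = '00000000-0000-0000-0000-000000000001'; displayName = 'payroll-api' }
    [pscustomobject]@{ appId = '00000000-0000-0000-0000-000000000002'; displayName = 'old-intranet' }
    [pscustomobject]@{ appId = '00000000-0000-0000-0000-000000000003'; displayName = 'unknown-owner-app' }
)
$SignIns = @(
    [pscustomobject]@{ appId = '00000000-0000-0000-0000-000000000001'; createdDateTime = '2024-05-30T08:15:00Z' }
    [pscustomobject]@{ appId = '00000000-0000-0000-0000-000000000001'; createdDateTime = '2024-05-12T09:00:00Z' }
    [pscustomobject]@{ appId = '00000000-0000-0000-0000-000000000002'; createdDateTime = '2024-05-03T11:00:00Z' }
)
Get-AppSignInStatus -Apps $Apps -SignIns $SignIns -Now ([datetime]'2024-06-01T00:00:00Z') | Format-Table

# Live data instead of the samples (assumes $token is a Graph access token for an app
# granted Application.Read.All and AuditLog.Read.All; follow '@odata.nextLink' for more pages):
# $h       = @{ Authorization = "Bearer $token" }
# $Apps    = (Invoke-RestMethod -Headers $h -Uri 'https://graph.microsoft.com/v1.0/applications').value
# $SignIns = (Invoke-RestMethod -Headers $h -Uri 'https://graph.microsoft.com/v1.0/auditLogs/signIns').value
```

The v1.0 signIns endpoint returns interactive user sign-ins, so an app that only authenticates with its own client secret or certificate can show "no sign-in in the log" while still being in use; treat that status as a prompt to check further before deleting a registration.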
I have an Azure Function. When I add authentication via Microsoft and choose the first option to create an app with default selections, the rest of the control works, but if I delete the mapping and remap the same app to the same Azure Function app in authentication, it's not working. What could be the problem?
Are you providing all the details, like client ID and secret?
Can you give the link to the OAuth series?
Thanks for the details. Would you provide pointers/more details about implicit grant flow and Integrated Windows Authentication option?
For sure, we will try to post.
Urgent question, sorry, running on a project deadline: I am looking for ways to query MS Graph to grab all the email messages based on certain conditions that our programmer is building code for, and save them in ".msg" or ".eml" format in a database.
I am unable to find a way to do that, as it looks like Microsoft doesn't allow grabbing a .msg (Outlook file) and retrieving it. Is there a way in MS Graph, or do we use a 3rd-party API to accomplish this task?
Your app must use the right permissions, like mail read write all.
Check out this sample script to query data.
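# Replace the client ID and client secret below with your own app registration's values
$tenant = Read-Host 'Enter your Tenant Name'
# Discover the tenant's token endpoint from its OpenID Connect metadata
$Openid = Invoke-RestMethod -Uri "https://login.microsoftonline.com/$tenant/.well-known/openid-configuration"
$tokenendpoint = $Openid.token_endpoint
# Client credentials grant: the app authenticates as itself, with no signed-in user
$Body = @{
    client_id     = "44537229-5f1-155e658f6f13"
    client_secret = "741C1Ni~z-D3M.E1"
    redirect_uri  = "localhost"
    grant_type    = "client_credentials"
    resource      = "https://graph.microsoft.com"
    tenant        = "$tenant"
}
$token = Invoke-RestMethod -Uri $tokenendpoint -Body $Body -Method Post
# Prints the access token to the console; drop this line outside of testing
$token.access_token
# The user ID or UPN goes between "users/" and "/messages"
$QueryUrl = 'https://graph.microsoft.com/beta/users//messages'
# Call Graph with the token as a bearer credential
$ma = Invoke-RestMethod -Headers @{Authorization = "Bearer $($token.access_token)"} -Uri $QueryUrl -Method Get
# The messages are in the "value" array of the response
$mail = $ma.value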
This script uses the client credentials flow. Replace the values of client ID and client secret with your app's, and also make sure you update $QueryUrl.
@ConceptsWork thanks, yes, permissions can be configured - but does MS Graph allow us to download an entire Outlook email message in ".msg" format? How to confirm it does / how to query a message and, when found, download the .msg file for that message?
That's the question.
Hello Sir, could you please share the script that you used in this video?
How to login to mailbox using client and secret key using java code..
At the end of this video you retrieved users. Are those users from Azure AD or from the application itself?
Azure AD.
Is the script posted on Community?
Yes
@ConceptsWork Kindly provide the link for community
Please share the script
Which script?
@ConceptsWork at 26:35
@Concepts Work Sir, requesting you to kindly share for the same. TY
Could you please share the script which is used to test application.