Hack 1 - Implement user authentication and authorization Flashcards
What is Azure Active Directory (Azure AD)?
Azure AD is a cloud-based identity and access management service that helps employees sign in and access resources like Microsoft 365, Azure, and other SaaS apps.
What is OAuth 2.0?
OAuth 2.0 is an open standard for token-based authentication, allowing third-party services to exchange credentials without exposing user passwords.
What is OpenID Connect (OIDC)?
OpenID Connect is a protocol built on OAuth 2.0 that adds an identity layer, allowing applications to verify the user’s identity and obtain profile information.
What are the key roles of Azure AD B2C?
Azure AD B2C provides business-to-consumer identity management, allowing users to sign in using social accounts (Google, Facebook) or local accounts.
What is the difference between Authentication and Authorization?
Authentication is the process of verifying the user’s identity, while Authorization determines what actions the user is permitted to perform.
How do you secure an Azure App Service using Azure AD?
You can secure an Azure App Service by enabling authentication/authorization in the Azure portal and configuring Azure AD as the identity provider.
What is Managed Identity in Azure?
Managed Identity is a feature that allows an Azure service to authenticate with Azure AD without managing credentials directly.
How does Role-Based Access Control (RBAC) work in Azure?
RBAC allows you to assign specific roles to users, groups, or applications, limiting access to resources based on the role assigned.
What are the main token types used in Azure AD authentication?
The main token types are Access Tokens, ID Tokens, and Refresh Tokens, used to authenticate, authorize, and maintain sessions.
What is Multi-Factor Authentication (MFA)?
MFA adds an additional layer of security by requiring two or more verification methods, such as a password and phone verification, to access resources.
What is the purpose of Conditional Access in Azure AD?
Conditional Access controls access to cloud apps based on conditions like user location, device, and risk level, enforcing security policies dynamically.
How do you implement authentication in a single-page application (SPA) using Azure AD?
You can use MSAL.js (Microsoft Authentication Library for JavaScript) to integrate Azure AD into SPAs, handling authentication and obtaining tokens.
What is the Microsoft identity platform?
The Microsoft identity platform is a collection of tools and services for developers to build applications that can authenticate users and get tokens for accessing resources.
What is a security principal in Azure?
A security principal is an object in Azure AD representing a user, group, or service principal with access rights to Azure resources.
How can you configure app roles for an Azure AD app registration?
App roles are defined within an app registration in Azure AD and can be assigned to users or groups to control access to specific app functions.