42 lines
1.7 KiB
Markdown
42 lines
1.7 KiB
Markdown
# Day 77 - Connect to Microsoft Graph in Azure DevOps using Workload Identity Federation - Jan Vidar Elven
|
|
|
|
|
|
|
|
This note accompanies my contribution for 2024 edition of 90DaysOfDevOps, which consists of:
|
|
|
|
- A video: [Link]()
|
|
- A presentation deck for reference: [Link]()
|
|
- This markdown file and a summary below, and a blog post where I have more details.
|
|
|
|
## What is Workload Identity Federation?
|
|
|
|
WIF is..
|
|
|
|
## What are Service Connections?
|
|
|
|
Service Connections..
|
|
|
|
## About Microsoft APIs protected by Entra ID
|
|
|
|
Microsoft have several well-known APIs that support OIDC (OpenID Connect) and OAuth2 for Authentication and Authorization, like Azure Resource Manager Rest API, Microsoft Graph API, KeyVault API to name a few.
|
|
|
|
In addition you can create, expose and protect your own APIs via App Registrations, so there are a lot of usage scenarios.
|
|
|
|
All this Microsoft APIs can be accessed securely and without secrets using Workload Identity Federation and Service Connections in Azure DevOps.
|
|
|
|
## Blog post
|
|
|
|
Here is a previous blog post I published that show the details on how to set this up:
|
|
|
|
https://gotoguy.blog/2023/09/15/connect-to-microsoft-graph-in-azure-devops-pipelines-using-workload-identity-federation/
|
|
|
|
## About me
|
|
|
|
I'm Jan Vidar Elven, and work as a Senior Architect in Evidi AS in Norway, I'm a Microsoft Security MVP, and specialize in Microsoft Entra, IAM (Identity Access Management), IGA (Identity Governance & Administration), Security, Cloud Platform solutions using Microsoft Azure, and DevOps.
|
|
|
|
Connect with me at:
|
|
|
|
- [LinkedIn](https://linkedin.com/in/janvidarelven)
|
|
- [X](https://x.com/JanVidarElven)
|
|
- [GitHub](https://github.com/janvidarelven)
|