jpda.dev

Turning identity up to 11.

Apr 20, 2023

DarkSky to WeatherKit: from API keys to signed JWTs

As of March 31st, the Dark Sky API is no more, replaced by Apple’s WeatherKit. I’ve used the Dark Sky API as it had a generous free-tier, was easy to...

Feb 10, 2021

Hacking on the On-prem data gateway for GCC-mid accounts

I had an interesting one come across my desk here at WTF HQ earlier this week - before I knew it, I was up to my neck in decompiled data...

Mar 24, 2020

Creating a Teams presence publisher with Azure Functions, local and cloud

Want to go straight to the code? Here it is Teams Presence Presence info has been around a long time - we had it in Skype for Business and its...

Dec 2, 2019

Using NSwag and SwaggerUI with Azure AD B2C-protected APIs

Interested in hosting SwaggerUI/OpenAPI docs for your B2C-protected APIs? NSwag Swagger/OpenAPI is a way of defining your APIs through a common markup - from that markup, you and your customers/API...

Nov 19, 2019

Automating non-RBAC AKS and kubectl with Azure AD service principals

This came across my desk this morning and it happens frequently enough that I figured it worth writing about (write once, refer frequently!). Cloud services are made for automation from...

Oct 30, 2019

Retrofitting OIDC to legacy systems via reverse proxy

Obviously we want systems that use modern authentication. In the case of Azure AD, you get the good stuff, like Conditional Access and a whole host of new authentication mechanisms,...

Jun 14, 2019

Private App Service-to-App Service calls in multitenant PaaS

Recently, Shannon & I got an interesting request from a customer who is using multi-tenant App Services (e.g., non-ASE), but wanted to keep communications restricted to their virtual network. If...

Oct 23, 2018

Geo-replicating Azure Service Bus with guaranteed ordering

Recently, I had an interesting question come across my desk from a customer: How do we ensure Service Bus message ordering and get active/active geographic availability?...

Oct 5, 2018

SmartThings, Chamberlain/LiftMaster MyQ and Lowes’ Iris

I’ve been on paternity for a bit now so taking time to tackle some home projects. Today’s was a Z-Wave Garage Door remote for SmartThings. The kids are constantly leaving...

Sep 8, 2018

An idea for enhancing transparency in app stores

I saw an article today about apps that send location data to third parties. This isn’t especially new, but it got me thinking. https://techcrunch.com/2018/09/07/a-dozen-popular-iphone-apps-caught-quietly-sending-user-locations-to-monetization-firms/ I’ll preface this...

Aug 9, 2018

Generic ListAdapter for Xamarin.Android RecyclerView

I’ll preface this to say I know literally nothing about Android (or mobile, in general) development. I’ve used Xamarin for about 7 hours now and I think it’s neat, but...

Jul 5, 2018

Azure Traffic Manager with Web Apps in different subscriptions

We get some strange and interesting requests over here at WTF HQ and today’s is no different. From a colleague: One of my clients has web apps in one sub,...

Jun 4, 2018

Getting your BigQuery refresh_token for Azure DataFactory

Over here at WTF HQ, I’ve now had a couple data scientist friends ask about getting this wired up — so let’s dig in. If you’re moving BigQuery data with Azure Data...

Mar 27, 2018

Using Azure Managed Service Identities with your apps

If we want to access protected resources from our apps, we usually have to ship a key and secret in our app. This traditionally meant registering an application/service principal in...

Jun 16, 2017

Quiet

I have been quiet on here recently. There are two major reasons why, which I’ll get to here momentarily — but the tl;dr is that the majority of any new production is...

Dec 7, 2015

Azure Site-to-Site on Unifi Security Gateway

It can be done. A little painful, but doable. Recently decided to upgrade from my Netgear SRX5308 here at home to a shiny new Unifi Security Gateway (v3). Quieter, much less...

Nov 30, 2015

Adding your valuable partner as Azure Digital Partner of Record

The Partner of Record program allows Microsoft partners to get a cut of customers’ spend in various online services. Office 365 and Azure are two of the big services offering...

Sep 24, 2015

Windows 10 IoT — Device Provisioning + App Deployment

Windows 10 IoT — the promise of a universal app that can run, quite literally, anywhere. This includes tiny, cheap computers like the Raspberry Pi and Minnowboard MAX. It’s quite...

Jul 30, 2015

Updating ADFS 3 for WIA on Windows 10

Updated 7/30/15 Here’s the latest that’s working with IE 11 on Windows 10 RTM/10240: Set-AdfsProperties -WIASupportedUserAgents @("MSIE 6.0", "MSIE 7.0; Windows NT", "MSIE 8.0", "MSIE 9.0", "MSIE 10.0; Windows NT...

Jul 7, 2015

Economics of VSO Build vs. Agents

I’m looking into build agents for VSO for a client this week. If you haven’t noticed in your VSO tenant, the build.vNext system is now available in most of them....

Jun 16, 2015

Availability vs. Consistency, through the eyes of a toddler.

Fred. More cloud patterns in real life — this one, while a little silly, illustrates availability, geographic redundancy, rolling upgrades and consistency. Enjoy. Meet Fred. This is Fred. Fred is my son’s...

May 14, 2015

Build, Ignite, New Stuff, Come to TriAUG 5/26

What a wild few weeks — Build saw the official announcement of Service Fabric and some other hot Azure news and Ignite saw Azure for Enterprise/Azure Stack and loads of other announcements....

Apr 8, 2015

LOL — Late nights with Azure Search and Attributes for Index Metadata

I’m working with a client right now on modernizing and simplifying their search to use the new Azure Search service. Sure, the examples online are fine, but I wanted to...

Apr 2, 2015

Cloud Patterns are all around us

I’ve been spending quite a bit of time in Tampa recently — most recently Cardinal’s first annual Innovation Summit for our Tampa service. I like flying to Tampa because the airport has...

Mar 25, 2015

Is the sky falling?

Today was a neat day in the Azure space — Azure Websites has grown up and found itself. We’ve got new units of functionality that can build fully functional apps and workflows,...

Mar 22, 2015

Using Organizational Accounts for Azure Subscription Administration

Here’s one we get frequently — no one wants their enterprise Azure account administered by someone’s Xbox Gamertag. ‘noobslayer@hotmail.com’ doesn’t look great during a review of admins, nor is it easy to...

Mar 14, 2015

Azure AD — the most basic of basics.

I’ve been speaking about Azure AD + cloud identity a lot recently, mostly at DevCamps along the east coast (which, by the way, if you’re near one you should come...

Jan 19, 2015

Adding Existing VHDs to Azure Resource Groups

Azure Resource Groups. Simultaneously the most exciting and most frustrating part of Azure vNext. While powerful, today they’re quite inflexible — no API is exposed to allow editing info (like names), moving...

Jan 12, 2015

Protecting WCF with Azure AD

Mobile services. MVC Web APIs. They’re all over and ubiquitous now. In some cases though, WCF is still the platform of choice for service developers. Sometimes it’s interoperability with other...

Jan 5, 2015

Consolidating Services for Maximum Efficiency

Every day we’re bombarded with vendors, providers and ahem consultants telling us we need to break up our apps for maximum scalability & availability for the cloud. This is true — one...

Dec 11, 2014

TenantDbContext for Table Storage

For anyone who’s used the ASP.net MVC templates with multi-organizational authentication, you’ll inevitably end up with a bunch of generated entity framework goo for keeping track of organizational certificate thumbprints...

Sep 29, 2014

Smartphones Don’t Seem Very Smart Anymore

That headline may come across as rather spoiled, a la Louis CK’s always entertaining rant against people complaining about wifi on airplanes (you’re in a chair. In the air). The...

Sep 5, 2014

Headless Azure AD User Creation

If you’ve spent any time with the Azure Graph API, it’s pretty sweet. Federated identity for the masses, with almost zero drama. Up until now I was mostly doing logins,...

Aug 20, 2014

I’ll be at SharePoint Saturday, come out!

I’ll be speaking at SharePoint Saturday in Charlotte on September 20th. My session is on building a ‘shim’ for passive logon to Microsoft Online Services (Office 365, Azure, any federated...

Jul 29, 2014

Azure Admins vs. Azure AD Admins

This is a point that’s a bit ambiguous. I’m an Azure Service administrator, so I should be able to access the Azure AD associated with that tenant, right? In a...

Jul 17, 2014

DocuSign + SharePoint Online

Document signing + SharePoint Online with non-licensed users flew across my desk at WTFHQ today. Here’s the basic requirement: Licensed users need to store PDFs in SharePoint while getting them...

Jul 16, 2014

Library Post

If you’re here wondering why the Library Post SharePoint app isn’t working, I’ve got some news for you. Unfortunately, it’s not good news, as I’m currently unable to access, manage...

Jun 10, 2014

Azure Cloud Service Endpoint ACLs

Recently, Azure VMs got endpoint ACLs — this is a great addition and one of the biggest things I missed from AWS’ security groups. Using them on VMs is great and all,...

Jun 10, 2014

Denying Access through ADFS + Yammer

Start here if you haven’t already. We’ll start with the last example — I’m piloting Yammer, I’ve got some users I want to grant access, but a whole lot more I want...

Jun 10, 2014

Denying Access to ADFS-secured Applications

I’m going to have to make this a two-parter, because some company *ahem* Yammer — doesn’t appear to handle the Deny (http://schemas.microsoft.com/authorization/claims/deny) claim very well. By very well, I mean at all....

Jun 5, 2014

Still think you can do it better?

My wife’s work laptop is a joke. Although she has no administrative rights, it recently got infected with one of those ransomware-type viruses. I tried to help her out — what I...

May 31, 2014

SharePoint Online + IRM + External Users

Since I can’t seem to find anything online regarding external users + IRM secured lists, I decided I should put it up here. In short, External users using Microsoft Accounts...

May 27, 2014

Azure Storage Queue names + 400s

Keep ’em lowercase. They’re DNS names, so while they should be case-insensitive, they are, in fact, not. So if you’re getting 400s creating queues (since Bad Request is so helpful,...

May 26, 2014

I migrated my blog this weekend

Needless to say, you’ve made it. I decided to move both johndandison.com/blog & wtfsharepoint.com here and to consolidate the content. There’s still some stuff lagging behind, but I think for...

Jan 14, 2014

Shared Workstations, ADFS & SSO (or, just who the *hell* do you think I am?!)

An interesting problem came across my desk at WTFHQ this week. Then it asked me to drop trau and cough. Shared Workstations. Shared workstations. Used by those in the most...

This project is maintained by jpda