Authenticate user through Azure AD from AWS Lambda - amazon-web-services

I'm very sorry to ask such a broad question, but I haven't found any direct answer when I and colleagues have searched the internet.
We have AWS Lambdas that need to authenticate and authorize from an Azure AD.
How do we accomplish this?
I understand that the question is very broad and hard to answer, but if someone knows of a good guide or some step by step instructions that can help me get going I would appreciate it greatly.

Forget the "AWS Lambda" part. Consider it as an external app that needs to get a token from Azure AD in order to have its requests authorized. You can achieve this using the Azure AD REST API.
https://learn.microsoft.com/en-us/azure/active-directory/develop/v1-protocols-oauth-code

Microsoft offer the Active Directory Authentication Library. Information on ADAL can be found here:
https://learn.microsoft.com/en-us/azure/active-directory/develop/active-directory-authentication-libraries
In terms of identity and access management, you have a few options but I would recommend the use of Azure Service Principals. More information can be found:
https://learn.microsoft.com/en-us/azure/active-directory/develop/app-objects-and-service-principals
If you're not familiar with Azure AD, or OAuth, and are inquisitive enough, you should really start at the beginning:
https://learn.microsoft.com/en-us/azure/active-directory/develop/
The docs are written plainly and very well, in my opinion.
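
The token request both answers point to, as an added example (not code from the original posts or from Microsoft's libraries): a service principal authenticating as itself with the OAuth 2.0 client-credentials grant against the Azure AD v1 token endpoint, with the token cached so a warm Lambda container reuses it. The environment variable names, `TokenCache` and `handler` are assumptions made for illustration.

```python
import json
import os
import time
import urllib.parse
import urllib.request

AUTHORITY = "https://login.microsoftonline.com"  # Azure AD public-cloud authority

def build_token_request(tenant_id, client_id, client_secret, resource):
    """Return (url, form_body) for a v1 client-credentials token request."""
    url = f"{AUTHORITY}/{urllib.parse.quote(tenant_id, safe='')}/oauth2/token"
    form = {"grant_type": "client_credentials", "client_id": client_id,
            "client_secret": client_secret, "resource": resource}
    return url, urllib.parse.urlencode(form).encode()

def http_post(url, body):
    # Passing data= makes urllib send a form-encoded POST; the reply is JSON.
    req = urllib.request.Request(url, data=body)
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)

class TokenCache:
    """In-memory cache keyed by (tenant, client, resource)."""
    def __init__(self, post=http_post, clock=time.time, skew=300):
        self._post, self._clock, self._skew = post, clock, skew
        self._tokens = {}

    def get(self, tenant_id, client_id, client_secret, resource):
        key = (tenant_id, client_id, resource)
        token, expires_at = self._tokens.get(key, (None, 0.0))
        if token and self._clock() < expires_at - self._skew:
            return token  # still valid, with a safety margin before expiry
        reply = self._post(*build_token_request(tenant_id, client_id, client_secret, resource))
        if "access_token" not in reply:
            # Report the error code only; the request body holds the secret.
            raise RuntimeError(f"token request failed: {reply.get('error', 'unknown')}")
        expires_at = self._clock() + int(reply["expires_in"])  # v1 returns a string
        self._tokens[key] = (reply["access_token"], expires_at)
        return reply["access_token"]

_cache = TokenCache()  # module level, so it survives warm invocations

def handler(event, context):
    """Hypothetical Lambda entry point; the AAD_* variable names are assumed."""
    env = os.environ
    token = _cache.get(env["AAD_TENANT_ID"], env["AAD_CLIENT_ID"],
                       env["AAD_CLIENT_SECRET"], env["AAD_RESOURCE"])
    # Send the token as "Authorization: Bearer <token>" on the outbound call.
    return {"token_acquired": bool(token)}
```
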

Related

what are the security best practices with twilio and firebase?

I was looking for a tutorial or stackoverflow thread but I couldn't find a best practice how I can do it.
I have an iOS Swift app and I want to send an SMS if a user creates and adds a record in Firebase, like sending an invitation to someone or doing something which could affect other users.
According to some posts on the internet and on your blog I need a server-side script which makes it safe, and I don't have to store that information in my Swift code. Like here: https://www.twilio.com/blog/2016/11/how-to-send-an-sms-from-ios-in-swift.html
Currently I don't have a server. Only thing that I have is a Firebase account.
What is a best practice regarding security? For instance, shall I create a webserver on AWS, or would just an AWS S3 bucket be enough, and shall I store those credentials or PHP code there?
I'm quite new to these things and unfortunately I don't know whom I should ask.
Can somebody help me?

ADFS SSO and Django powered web app hosted on linux server [duplicate]

My question may be too broad or vague, but I cannot best describe it in any other way than I am doing it.
I have multiple Django applications. I have implemented SSO successfully for the same. All these things work. Now, I have been given a new task and it's like this.
I have to integrate Microsoft ADFS authentication into my suite of applications and broaden the scope of current SSO.
My understanding of it is that when I log into my laptop, which is on the corporate network (I assume this is how I have to put it), I also get logged into my Django applications.
I seriously have no idea of how this works as I have no experience with ADFS. Can anyone with experience of this explain it with a scenario of how it works so that I can understand it and think of a solution to it?
PS: If there is any more information needed I will provide it. Also, if downvoting the question, do put a reason so that I can edit the question and post it as it should be.
If Django supports SAML-based login, then you set it up to trust ADFS. ADFS will automatically take care of logging in using your logged-in credentials to a domain-joined machine inside the corporate network. If the user accessed it externally, it would prompt for a password or certificate-based auth (e.g. smartcard) to log in the user.

Is there a service that allows access to multiple APIs using a unified interface and one login?

Some time ago I was browsing the web when I found a service that allowed access to multiple APIs using a single, unified interface and a single login.
I remember that I browsed the catalog of APIs and checked OCR services to see what features they offer.
I don't remember if it was a free service or a paid one. I didn't bookmark it and now I can't find it. I have found only the API catalog on Programmable Web.
Does anyone know the name of this service?
Well, after getting one vote down I decided to google more. No results. I reviewed bookmarks and... bingo!
It's called mashape.com and what I have had in mind was this catalogue.
Disclaimer: I have no connection to this service. I just liked the idea.
Edit:
I have just found API search:
{API}Search.
It does not allow access to multiple APIs using single credentials, but might be useful for API discovery.

Any way to hack FogBugz On demand to SSO?

I will soon launch a new iPhone app and want to off-load the forums to my actual FogBugz On Demand account.
However, I discovered that FOD has no facility to integrate single sign-on. I use Django and have the option to use OpenID, but I do not know if there is a way to make this happen.
Obviously, I could hack together a simple forum like the one on FogBugz in Django or reuse one, but I just think that an integrated forum with the bug tracking is the best thing.
Any idea?
FogBugz On Demand now natively includes some authentication methods other than the standard username/password authentication.
Setting up authentication with Google's OAuth is quite simple for companies using Google Apps for work email. Once an administrator enables OAuth following the instructions in this article on Fog Creek Software's help site, logging in is as simple as clicking the OAuth button on the login page. All of the users' settings are retained.
If you’re already managing the rest of your authentication through a SAML 2.0 provider, you can also use your identity provider for FogBugz login. Steps for configuring SSO can be found in this article. This requires a bit more configuration than OAuth, but will work for companies that don't use Google Apps for email.
Of course, if you have any questions about configuring SSO in FogBugz, you can always contact customer support at http://www.fogcreek.com/contact/.
From the FogBugz forum:
http://support.fogcreek.com/default.asp?fogbugz.4.102256.3
I believe this is you there also. The answer provided shouldn't be too difficult to implement.