Showing posts from Identity category
Secretless cross-tenant dataverse access
Call Dataverse in Tenant B from Azure Functions in Tenant A without storing secrets or certificates; use a user-assigned managed identity and a federated identity credential. The app is multitenant …
How Azure CLI handles your tokens and what you might be ignoring
The Azure CLI feels like magic: One az login and you’re in forever. But behind that convenience sits a cache of refresh tokens, shared across tools and tied to your Windows account. This post breaks …
Rethinking identity beyond passwords
In this post, I challenge the outdated obsession with password policies and complexity rules that still dominate many security conversations. Despite their legacy role, passwords no longer stand up to …