How to Get to the Keys/Secrets From Azure Active Directory

Introduction This article has been written to help find where the keys/secrets are in the Azure portal depending on how you have set up your application. It will also provide some help in regards to extending/changing the Client Secret for an Enterprise Application in a Multi-Tenanted Scenario.     Custom AAD Registration Keys/Secrets In order to access the keys for an AAD application registration, you can follow the steps highlighted…

Read More

Query String is not allowed in redirect_uri for Azure AD

Problem: See update at the end.  This is no longer an issue. Customer configures the following redirect URLs for his registered application in Azure AD and issues the following request to authenticate to Azure AD: GET https://login.microsoftonline.com/<tenant id>/oauth2/authorize?client_id=<app id>&redirect_uri=https%3a%2f%2flocalhost%3a44396%2fbac%2faad%3freqId%3dA123&response_mode=form_post&…. After logging in he is redirected to https://localhost:44396/bac/aad instead of https://localhost:44396/bac/aad?reqId=A123. The redirected URL does not have anything after the query string. Root Cause: The behavior is by design.  This is…

Read More

V2 App Registration is missing an “Add Owner” button

Problem: Customer registers an application in the app registration portal (https://app.dev.microsoft.com). He is not able  share the application with other users since the “Add Owner” button is missing. Root cause: This problem can happen if the user registers the application in the app registration portal (V2 portal) under his personal MSA account. The behavior is documented in the following link: https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-v2-limitations Resolution: Re-register the application under an Azure AD account…

Read More

Implementing Service to Service Authorization and Getting the Access Token with Postman Utilizing Client Credential Grant Type

Introduction This article is meant to show how one can set up a client application to obtain a service to service access token, to get access to a web API from a web App. This document will be following the grant type client credential flow to do this, and will utilize Postman to get the access token via client credentials. This tutorial will not set up the backend web API,…

Read More

Changing an existing Native Application to a Web App/API to get existing keys

Introduction   This article is meant to help get the keys from your native application. We used to show the keys in native applications however we took out that feature because the native application is not meant to have keys/secrets. As a result some people have had keys/secrets with their native applications however they currently still use those keys/secrets. This article is to help those people in order to get…

Read More

Tracing All Network Machine Traffic Using MITMProxy for Mac OSX

Introduction This article is meant to help you configure your Mac OS X to be able to track all your network traffic using MITMProxy. This is a free and open source alternative to Fiddler, Charles, and other network tracing alternatives for Linux/mac OS X systems. Also in addition MITMProxy is a more robust system that gives the user more configurability and programmability as there is a Python API for MITMProxy…

Read More