Azure Developer Community Blog

Options
1,483
Andreas Helland on Jan 30 2023 11:47 AM
2,303
Sherrylist on Jan 23 2023 04:34 AM
2,501
AdamJ89 on Jan 09 2023 05:06 AM
1,562
Sherrylist on Jan 09 2023 02:30 AM
1,658
Andreas Helland on Jan 04 2023 11:59 AM
6,347
Jamesdld23 on Dec 30 2022 05:13 AM
1,953
Sherrylist on Dec 12 2022 06:00 AM
1,815
hannahhunter on Dec 07 2022 02:27 PM
3,378
MayuriBhavsar on Dec 07 2022 01:17 AM
3,316
cenkc on Dec 06 2022 12:16 PM
3,708
Laziz_Turakulov on Nov 28 2022 02:19 PM
3,882
adrian_hall on Nov 28 2022 10:12 AM
7,464
adrian_hall on Nov 18 2022 09:00 AM
4,272
Daniel-Kim on Nov 01 2022 12:37 PM
4,580
NinaSui on Nov 01 2022 10:52 AM
3,072
Daniel-Kim on Oct 31 2022 10:45 AM
6,516
stephaneeyskens on Oct 29 2022 05:48 AM
4,339
Asir_Selvasingh on Oct 27 2022 01:02 PM
3,177
rickydiep on Oct 25 2022 11:06 AM
2,974
greenie-msft on Oct 19 2022 09:18 AM
5,174
Julia_Liuson on Oct 13 2022 11:48 AM
6,306
stephaneeyskens on Oct 08 2022 04:38 AM
2,274
Ed Price on Oct 05 2022 05:03 PM
3,683
Jeffrey Chilberto on Oct 05 2022 01:34 PM
2,977
cedricve on Oct 04 2022 07:26 AM
12.5K
rickydiep on Sep 28 2022 08:00 AM
3,603
AdamJ89 on Sep 19 2022 06:21 AM
4,841
Jeffrey Chilberto on Sep 12 2022 07:36 PM
12.3K
cesardl on Sep 12 2022 04:30 PM
6,274
aayodeji on Aug 31 2022 11:24 AM

Latest Comments

Hi @Rezaal860 - we will need to check into that. Feel free to open a support ticket on that one so it gets the appropriate attention and we can gather all the required data.
0 Likes
There are various fraud detection methods that they use, but some of the most common include suspicious activity reports, transaction monitoring, and data analytics. Suspicious Activity Reports (SARs) are one of the primary ways that banks detect fraud.
0 Likes
@adrian_hall we tried the policy fragment route , but soon hit the wall because multi-valued claim check simply doesnt work in the new policy validate-azure-ad-token. To be precise, this wont work: <fragment> <validate-azure-ad-token tenant-id="contoso.onmicrosoft.com" failed-validation-error-messag...
0 Likes
Hi @Rezaal860, given the way that Azure AD scopes and permissions work, there should be no problem doing a generic check at the product level, and then either checking the decoded JWT during the API and Operation or doing another check for the specific claims. Policy fragments will allow you to set ...
0 Likes
@adrian_hall Great works. Thanks for this new policy. Quick question why did you guys decide to make client ID and audience, mandatory? What if somebody wants to check for different attributes at different levels. For example, at the API level I would like to do something like below policy and it do...
0 Likes